lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 13 Oct 2016 11:45:28 +0300 From: Dan Carpenter <dan.carpenter@...cle.com> To: "David S. Miller" <davem@...emloft.net>, Moshe Shemesh <moshe@...lanox.com> Cc: Roopa Prabhu <roopa@...ulusnetworks.com>, Nicolas Dichtel <nicolas.dichtel@...nd.com>, Nikolay Aleksandrov <nikolay@...ulusnetworks.com>, Eric Dumazet <edumazet@...gle.com>, Hannes Frederic Sowa <hannes@...essinduktion.org>, Nogah Frankel <nogahf@...lanox.com>, Brenden Blanco <bblanco@...mgrid.com>, netdev@...r.kernel.org, kernel-janitors@...r.kernel.org Subject: [patch -next] net: rtnl: info leak in rtnl_fill_vfinfo() The "vf_vlan_info" struct ends with a 2 byte struct hole so we have to memset it to ensure that no stack information is revealed to user space. Fixes: 79aab093a0b5 ('net: Update API for VF vlan protocol 802.1ad support') Signed-off-by: Dan Carpenter <dan.carpenter@...cle.com> diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c index b06d2f4..fb7348f 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c @@ -1144,6 +1144,8 @@ static noinline_for_stack int rtnl_fill_vfinfo(struct sk_buff *skb, if (dev->netdev_ops->ndo_get_vf_config(dev, vfs_num, &ivi)) return 0; + memset(&vf_vlan_info, 0, sizeof(vf_vlan_info)); + vf_mac.vf = vf_vlan.vf = vf_vlan_info.vf =
Powered by blists - more mailing lists