| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 14 Apr 2011 03:54:45 +0100
From: Ben Hutchings <ben@...adent.org.uk>
To: Greg KH <gregkh@...e.de>
Cc: linux-kernel@...r.kernel.org, stable@...nel.org,
Dan Rosenberg <drosenberg@...curity.com>,
Alex Elder <aelder@....com>, akpm@...ux-foundation.org,
torvalds@...ux-foundation.org, stable-review@...nel.org,
alan@...rguk.ukuu.org.uk
Subject: Re: [Stable-review] [18/74] xfs: prevent leaking uninitialized
stack memory in FSGEOMETRY_V1
On Wed, 2011-04-13 at 08:50 -0700, Greg KH wrote:
> 2.6.32-longterm review patch. If anyone has any objections, please let us know.
>
> ------------------
>
> From: Dan Rosenberg <drosenberg@...curity.com>
>
> commit c4d0c3b097f7584772316ee4d64a09fe0e4ddfca upstream.
>
> The FSGEOMETRY_V1 ioctl (and its compat equivalent) calls out to
> xfs_fs_geometry() with a version number of 3. This code path does not
> fill in the logsunit member of the passed xfs_fsop_geom_t, leading to
> the leaking of four bytes of uninitialized stack data to potentially
> unprivileged callers.
[...]
This caused a serious regression and requires a second fix:
commit af24ee9ea8d532e16883251a6684dfa1be8eec29
Author: Alex Elder <aelder@....com>
Date: Tue Mar 1 17:50:00 2011 +0000
xfs: zero proper structure size for geometry calls
Ben.
--
Ben Hutchings
Once a job is fouled up, anything done to improve it makes it worse.
Download attachment "signature.asc" of type "application/pgp-signature" (829 bytes)
Powered by blists - more mailing lists