| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <afa31e81-84d9-fc54-e6cf-a8301f1cf33a@kernel.dk>
Date: Fri, 2 Oct 2020 12:02:03 -0600
From: Jens Axboe <axboe@...nel.dk>
To: Peilin Ye <yepeilin.cs@...il.com>,
syzbot <syzbot+85433a479a646a064ab3@...kaller.appspotmail.com>
Cc: Dan Carpenter <dan.carpenter@...cle.com>,
Arnd Bergmann <arnd@...db.de>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
glider@...gle.com, Anant Thazhemadam <anant.thazhemadam@...il.com>,
linux-kernel-mentees@...ts.linuxfoundation.org,
linux-block@...r.kernel.org, syzkaller-bugs@...glegroups.com,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v4] block/scsi-ioctl: Fix kernel-infoleak in
scsi_put_cdrom_generic_arg()
On 10/2/20 8:22 AM, Peilin Ye wrote:
> scsi_put_cdrom_generic_arg() is copying uninitialized stack memory to
> userspace, since the compiler may leave a 3-byte hole in the middle of
> `cgc32`. Fix it by adding a padding field to `struct
> compat_cdrom_generic_command`.
Applied, thanks.
--
Jens Axboe
Powered by blists - more mailing lists