lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 19 Dec 2020 14:02:58 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-kernel@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>, stable@...r.kernel.org, Dan Carpenter <dan.carpenter@...cle.com>, Peilin Ye <yepeilin.cs@...il.com>, "Dmitry V. Levin" <ldv@...linux.org>, Christian Brauner <christian.brauner@...ntu.com> Subject: [PATCH 5.4 01/34] ptrace: Prevent kernel-infoleak in ptrace_get_syscall_info() From: Peilin Ye <yepeilin.cs@...il.com> commit 0032ce0f85a269a006e91277be5fdbc05fad8426 upstream. ptrace_get_syscall_info() is potentially copying uninitialized stack memory to userspace, since the compiler may leave a 3-byte hole near the beginning of `info`. Fix it by adding a padding field to `struct ptrace_syscall_info`. Fixes: 201766a20e30 ("ptrace: add PTRACE_GET_SYSCALL_INFO request") Suggested-by: Dan Carpenter <dan.carpenter@...cle.com> Signed-off-by: Peilin Ye <yepeilin.cs@...il.com> Reviewed-by: Dmitry V. Levin <ldv@...linux.org> Cc: stable@...r.kernel.org Link: https://lore.kernel.org/r/20200801152044.230416-1-yepeilin.cs@gmail.com Signed-off-by: Christian Brauner <christian.brauner@...ntu.com> Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org> --- include/uapi/linux/ptrace.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) --- a/include/uapi/linux/ptrace.h +++ b/include/uapi/linux/ptrace.h @@ -81,7 +81,8 @@ struct seccomp_metadata { struct ptrace_syscall_info { __u8 op; /* PTRACE_SYSCALL_INFO_* */ - __u32 arch __attribute__((__aligned__(sizeof(__u32)))); + __u8 pad[3]; + __u32 arch; __u64 instruction_pointer; __u64 stack_pointer; union {
Powered by blists - more mailing lists