| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20210321163210.GC26497@amd>
Date: Sun, 21 Mar 2021 17:32:10 +0100
From: Pavel Machek <pavel@...x.de>
To: kernel list <linux-kernel@...r.kernel.org>,
"David S. Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Andrii Nakryiko <andriin@...com>,
Eric Dumazet <edumazet@...gle.com>,
Wei Wang <weiwan@...gle.com>,
Cong Wang <cong.wang@...edance.com>,
Taehee Yoo <ap420073@...il.com>,
Björn Töpel <bjorn@...nel.org>,
netdev@...r.kernel.org
Subject: net/dev: fix information leak to userspace
dev_get_mac_address() does not always initialize whole
structure. Unfortunately, other code copies such structure to
userspace, leaking information. Fix it.
Signed-off-by: Pavel Machek (CIP) <pavel@...x.de>
Cc: stable@...nel.org
diff --git a/net/core/dev.c b/net/core/dev.c
index 6c5967e80132..28283a9eb63a 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -8949,11 +8949,9 @@ int dev_get_mac_address(struct sockaddr *sa, struct net *net, char *dev_name)
ret = -ENODEV;
goto unlock;
}
- if (!dev->addr_len)
- memset(sa->sa_data, 0, size);
- else
- memcpy(sa->sa_data, dev->dev_addr,
- min_t(size_t, size, dev->addr_len));
+ memset(sa->sa_data, 0, size);
+ memcpy(sa->sa_data, dev->dev_addr,
+ min_t(size_t, size, dev->addr_len));
sa->sa_family = dev->type;
unlock:
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Download attachment "signature.asc" of type "application/pgp-signature" (182 bytes)
Powered by blists - more mailing lists