| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 5 May 2022 02:05:41 +0000
From: taolan <taolan@...wei.com>
To: <pmladek@...e.com>, <senozhatsky@...omium.org>,
<rostedt@...dmis.org>, <john.ogness@...utronix.de>
CC: <linux-kernel@...r.kernel.org>
Subject: [PATCH] printk: fix kernel msg leakage in syslog_print_all function;
From: t00264981 <taolan@...wei.com>
This function applies for memory but does not initialize the memory,and
then invokes copy_to_user to copy the memory to the user space, which
causes kernel information leaks.
[ 148.439660] kernel memory leak value 0xffffff80aed972bc at
0xffffffd37f00a000 to 0x704b883e74
Signed-off-by: t00264981 <taolan@...wei.com>
---
kernel/printk/printk.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c
index da03c15ecc89..22d7d821909d 100644
--- a/kernel/printk/printk.c
+++ b/kernel/printk/printk.c
@@ -1591,7 +1591,7 @@ static int syslog_print_all(char __user *buf, int size, bool clear)
u64 seq;
bool time;
- text = kmalloc(CONSOLE_LOG_MAX, GFP_KERNEL);
+ text = kzalloc(CONSOLE_LOG_MAX, GFP_KERNEL);
if (!text)
return -ENOMEM;
--
2.18.0.huawei.25
Powered by blists - more mailing lists