| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <fc255ca5-0171-1bae-18a1-4feb6cbf4b3c@redhat.com>
Date: Mon, 4 Jul 2022 10:03:20 -0400
From: Jon Maloy <jmaloy@...hat.com>
To: Hangyu Hua <hbh25y@...il.com>, ying.xue@...driver.com,
davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
pabeni@...hat.com
Cc: netdev@...r.kernel.org, tipc-discussion@...ts.sourceforge.net,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] net: tipc: fix possible infoleak in tipc_mon_rcv()
On 6/27/22 22:59, Hangyu Hua wrote:
> dom_bef is use to cache current domain record only if current domain
> exists. But when current domain does not exist, dom_bef will still be used
> in mon_identify_lost_members. This may lead to an information leak.
>
> Fix this by adding a memset before using dom_bef.
>
> Fixes: 35c55c9877f8 ("tipc: add neighbor monitoring framework")
> Signed-off-by: Hangyu Hua <hbh25y@...il.com>
> ---
> net/tipc/monitor.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/net/tipc/monitor.c b/net/tipc/monitor.c
> index 2f4d23238a7e..67084e5aa15c 100644
> --- a/net/tipc/monitor.c
> +++ b/net/tipc/monitor.c
> @@ -534,6 +534,7 @@ void tipc_mon_rcv(struct net *net, void *data, u16 dlen, u32 addr,
> state->peer_gen = new_gen;
>
> /* Cache current domain record for later use */
> + memset(&dom_bef, 0, sizeof(dom_bef));
> dom_bef.member_cnt = 0;
> dom = peer->domain;
> if (dom)
Acked-by: Jon Maloy <jmaloy@...hat.com>
Powered by blists - more mailing lists