| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <tencent_DC992CCFD60DA625808DAC12465DA2DDA907@qq.com>
Date: Sun, 22 Jun 2025 10:37:02 +0800
From: Edward Adam Davis <eadavis@...com>
To: syzbot+9b9124ae9b12d5af5d95@...kaller.appspotmail.com
Cc: linux-kernel@...r.kernel.org,
syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] [kernel?] KMSAN: kernel-infoleak in vmci_host_unlocked_ioctl (3)
#syz test
diff --git a/drivers/misc/vmw_vmci/vmci_host.c b/drivers/misc/vmw_vmci/vmci_host.c
index b64944367ac5..e0d3af8e62b5 100644
--- a/drivers/misc/vmw_vmci/vmci_host.c
+++ b/drivers/misc/vmw_vmci/vmci_host.c
@@ -434,6 +434,7 @@ static int vmci_host_do_receive_datagram(struct vmci_host_dev *vmci_host_dev,
&size, &dg);
if (recv_info.result >= VMCI_SUCCESS) {
+ memset((char*)dg + 27, 0, 4);
void __user *ubuf = (void __user *)(uintptr_t)recv_info.addr;
retval = copy_to_user(ubuf, dg, VMCI_DG_SIZE(dg));
kfree(dg);
Powered by blists - more mailing lists