| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20260109-wild-whippet-of-unity-a0f2ce-mkl@pengutronix.de>
Date: Fri, 9 Jan 2026 09:18:35 +0100
From: Marc Kleine-Budde <mkl@...gutronix.de>
To: Vincent Mailhol <mailhol@...nel.org>
Cc: Jerry Wu <w.7erry@...mail.com>, extja@...ser.com, eeodqql09@...il.com,
linux-can@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH net] can: kvaser_usb: kvaser_usb_leaf: Fix some
info-leaks to USB devices
On 09.01.2026 08:50:03, Vincent Mailhol wrote:
> +CC: Jimmy
>
> On 09/01/2026 at 02:36, Jerry Wu wrote:
> > Uninitialized Kernel memory can leak to USB devices.
>
> Please explain in your description which field(s) is(are) uninitialized
> in cmd.
Some memory at the end of struct kvaser_cmd is uninitialized, but
usb_bulk_msg() doesn't send the whole struct.
regards,
Marc
P.S.: It may be a coincidence, but Kery Qi's patch [1] had a similar
form. You take the bug class of an existing CVE and search for the same
pattern in other drivers. I like the idea. Please take a little more
time and check whether it really is a bug before sending bug fix
patches. Otherwise please label the patches accordingly.
[1] https://lore.kernel.org/all/20260108082042.1627-1-qikeyu2017@gmail.com/
--
Pengutronix e.K. | Marc Kleine-Budde |
Embedded Linux | https://www.pengutronix.de |
Vertretung Nürnberg | Phone: +49-5121-206917-129 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-9 |
Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)
Powered by blists - more mailing lists