| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20160714103415.GE18175@mwanda>
Date: Thu, 14 Jul 2016 13:34:16 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: Zhao Qiang <qiang.zhao@....com>
Cc: netdev@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org,
kernel-janitors@...r.kernel.org
Subject: [patch -next] wan/fsl_ucc_hdlc: info leak in uhdlc_ioctl()
There is a 2 byte struct whole after line.loopback so we need to clear
that out to avoid disclosing stack information.
Fixes: c19b6d246a35 ('drivers/net: support hdlc function for QE-UCC')
Signed-off-by: Dan Carpenter <dan.carpenter@...cle.com>
diff --git a/drivers/net/wan/fsl_ucc_hdlc.c b/drivers/net/wan/fsl_ucc_hdlc.c
index 19174ac..7608561 100644
--- a/drivers/net/wan/fsl_ucc_hdlc.c
+++ b/drivers/net/wan/fsl_ucc_hdlc.c
@@ -635,6 +635,7 @@ static int uhdlc_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
ifr->ifr_settings.size = size; /* data size wanted */
return -ENOBUFS;
}
+ memset(&line, 0, sizeof(line));
line.clock_type = priv->clocking;
line.clock_rate = 0;
line.loopback = 0;
Powered by blists - more mailing lists