| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 28 Jun 2022 16:31:22 +0800
From: Hangyu Hua <hbh25y@...il.com>
To: jmaloy@...hat.com, ying.xue@...driver.com, davem@...emloft.net,
edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com,
tung.q.nguyen@...tech.com.au
Cc: netdev@...r.kernel.org, tipc-discussion@...ts.sourceforge.net,
linux-kernel@...r.kernel.org, Hangyu Hua <hbh25y@...il.com>
Subject: [PATCH v2] net: tipc: fix possible infoleak in tipc_mon_rcv()
dom_bef is use to cache current domain record only if current domain
exists. But when current domain does not exist, dom_bef will still be used
in mon_identify_lost_members. This may lead to an information leak.
Fix this by adding a memset before using dom_bef.
Fixes: 35c55c9877f8 ("tipc: add neighbor monitoring framework")
Signed-off-by: Hangyu Hua <hbh25y@...il.com>
---
v2: remove redundant 'dom_bef.member_cnt = 0;'
net/tipc/monitor.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/tipc/monitor.c b/net/tipc/monitor.c
index 2f4d23238a7e..03b5d0b65169 100644
--- a/net/tipc/monitor.c
+++ b/net/tipc/monitor.c
@@ -534,7 +534,7 @@ void tipc_mon_rcv(struct net *net, void *data, u16 dlen, u32 addr,
state->peer_gen = new_gen;
/* Cache current domain record for later use */
- dom_bef.member_cnt = 0;
+ memset(&dom_bef, 0, sizeof(dom_bef));
dom = peer->domain;
if (dom)
memcpy(&dom_bef, dom, dom->len);
--
2.25.1
Powered by blists - more mailing lists