Date: Thu, 3 Nov 2016 12:44:32 +0800
From: Shawn <citypw@...il.com>
To: oss-security@...ts.openwall.com, cve-assign@...re.org
Subject: kernel: fix minor infoleak in get_user_ex()

Hi guys,

I suppose this bug should get a CVE number.

Info:
get_user_ex(x, ptr) should zero x on failure. It's not a lot of a leak
(at most we are leaking uninitialized 64bit value off the kernel stack,
and in a fairly constrained situation, at that), but the fix is trivial,
so...

Cc: stable@...r.kernel.org
Signed-off-by: Al Viro <viro@...iv.linux.org.uk>
[ This sat in different branch from the uaccess fixes since mid-August ]
Signed-off-by: Linus Torvalds <torvalds@...ux-foundation.org>

Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1c109fabbd51863475cd12ac206bdd249aee35af

Impact:
According to Spender:
https://lwn.net/Articles/705264/

Mitigation:
PaX/Grsecurity's KERNEXEC/UDEREF SMEP

--
GNU powered it...
GPL protect it...
God blessing it...

regards
Shawn
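
The zero-on-failure point in the message above, as an added example that is not part of the original post and not the kernel patch: a userspace C model of a fetch helper that leaves its destination untouched on a fault, next to one that zeroes it. Assumptions: the fault is only recorded in an error flag while the caller keeps running; all function names, the NULL "faulting" pointer and the stale value are hypothetical and constructed.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed value standing in for leftover contents of a stack slot. */
#define STALE_STACK_VALUE 0x5eedf00dcafeULL

/* Constructed "user" data for the success path. */
static const uint64_t sample_user_value = 42;

struct fetch_result { uint64_t value; int err; };

/* Hypothetical model: a NULL pointer plays the faulting user address.
 * The error is only recorded; the caller keeps running with x. */
static void fetch_unfixed(uint64_t *x, const uint64_t *uptr, int *err)
{
    if (uptr == NULL) { *err = -EFAULT; return; } /* x left as it was */
    *x = *uptr;
}

/* Same model with the destination zeroed on failure. */
static void fetch_zeroing(uint64_t *x, const uint64_t *uptr, int *err)
{
    if (uptr == NULL) { *err = -EFAULT; *x = 0; return; }
    *x = *uptr;
}

typedef void (*fetch_fn)(uint64_t *, const uint64_t *, int *);

/* What the caller holds in x after the fetch, plus the recorded error. */
static struct fetch_result value_after_fetch(fetch_fn fetch, const uint64_t *uptr)
{
    uint64_t x = STALE_STACK_VALUE; /* models an uninitialised local */
    int err = 0;
    fetch(&x, uptr, &err);
    return (struct fetch_result){ x, err };
}

int main(void)
{
    struct fetch_result a = value_after_fetch(fetch_unfixed, NULL);
    struct fetch_result b = value_after_fetch(fetch_zeroing, NULL);
    struct fetch_result c = value_after_fetch(fetch_zeroing, &sample_user_value);
    printf("unfixed, fault: x=%#llx err=%d\n", (unsigned long long)a.value, a.err);
    printf("zeroing, fault: x=%#llx err=%d\n", (unsigned long long)b.value, b.err);
    printf("zeroing, ok:    x=%llu err=%d\n", (unsigned long long)c.value, c.err);
    return 0;
}
```

In the unfixed model the caller ends up holding the stale value even though an error was recorded; any later code that stores or returns x before checking the error carries that value with it.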