| commit | 9705b410152451e509ec0049aa1ce6eab79b98e7 | |
| author | Alan Stern <stern@rowland.harvard.edu> | |
| Fri, 13 Feb 2015 15:54:53 +0000 (13 10:54 -0500) | ||
| committer | Sasha Levin <sasha.levin@oracle.com> | |
| Sat, 14 Mar 2015 19:37:24 +0000 (14 15:37 -0400) | ||
| tree | 9e03733a1de4569f05107c4c29ee86c4c6a76ea9 | treesnapshot (tar.gz zip) |
| parent | 405703342558427c0e97e1178074c7df15047bd4 | commitdiff |
USB: usbfs: don't leak kernel data in siginfo
commit f0c2b68198589249afd2b1f2c4e8de8c03e19c16 upstream.
When a signal is delivered, the information in the siginfo structure
is copied to userspace. Good security practice dicatates that the
unused fields in this structure should be initialized to 0 so that
random kernel stack data isn't exposed to the user. This patch adds
such an initialization to the two places where usbfs raises signals.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Reported-by: Dave Mielke <dave@mielke.cc>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
commit f0c2b68198589249afd2b1f2c4e8de8c03e19c16 upstream.
When a signal is delivered, the information in the siginfo structure
is copied to userspace. Good security practice dicatates that the
unused fields in this structure should be initialized to 0 so that
random kernel stack data isn't exposed to the user. This patch adds
such an initialization to the two places where usbfs raises signals.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Reported-by: Dave Mielke <dave@mielke.cc>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
| drivers/usb/core/devio.c | diffblobblamehistory |