Patch "net: fix infoleak in rtnetlink" has been added to the 4.5-stable tree

public inbox for stable@vger.kernel.org
 help / color / mirror / Atom feed

* Patch "net: fix infoleak in rtnetlink" has been added to the 4.5-stable tree
@ 2016-05-16 18:26 gregkh
  0 siblings, 0 replies; only message in thread
From: gregkh @ 2016-05-16 18:26 UTC (permalink / raw)
  To: kangjielu, davem, gregkh, kjlu; +Cc: stable, stable-commits


This is a note to let you know that I've just added the patch titled

    net: fix infoleak in rtnetlink

to the 4.5-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     net-fix-infoleak-in-rtnetlink.patch
and it can be found in the queue-4.5 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@vger.kernel.org> know about it.


>From foo@baz Mon May 16 11:20:33 PDT 2016
From: Kangjie Lu <kangjielu@gmail.com>
Date: Tue, 3 May 2016 16:46:24 -0400
Subject: net: fix infoleak in rtnetlink
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

From: Kangjie Lu <kangjielu@gmail.com>

[ Upstream commit 5f8e44741f9f216e33736ea4ec65ca9ac03036e6 ]

The stack object “map” has a total size of 32 bytes. Its last 4
bytes are padding generated by compiler. These padding bytes are
not initialized and sent out via “nla_put”.

Signed-off-by: Kangjie Lu <kjlu@gatech.edu>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 net/core/rtnetlink.c |   18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -1176,14 +1176,16 @@ static noinline_for_stack int rtnl_fill_
 
 static int rtnl_fill_link_ifmap(struct sk_buff *skb, struct net_device *dev)
 {
-	struct rtnl_link_ifmap map = {
-		.mem_start   = dev->mem_start,
-		.mem_end     = dev->mem_end,
-		.base_addr   = dev->base_addr,
-		.irq         = dev->irq,
-		.dma         = dev->dma,
-		.port        = dev->if_port,
-	};
+	struct rtnl_link_ifmap map;
+
+	memset(&map, 0, sizeof(map));
+	map.mem_start   = dev->mem_start;
+	map.mem_end     = dev->mem_end;
+	map.base_addr   = dev->base_addr;
+	map.irq         = dev->irq;
+	map.dma         = dev->dma;
+	map.port        = dev->if_port;
+
 	if (nla_put(skb, IFLA_MAP, sizeof(map), &map))
 		return -EMSGSIZE;
 


Patches currently in stable-queue which might be from kangjielu@gmail.com are

queue-4.5/net-fix-infoleak-in-llc.patch
queue-4.5/net-fix-a-kernel-infoleak-in-x25-module.patch
queue-4.5/net-fix-infoleak-in-rtnetlink.patch

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2016-05-16 18:34 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-05-16 18:26 Patch "net: fix infoleak in rtnetlink" has been added to the 4.5-stable tree gregkh

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox