Patch "net: fix infoleak in rtnetlink" has been added to the 3.14-stable tree

public inbox for stable@vger.kernel.org
 help / color / mirror / Atom feed

* Patch "net: fix infoleak in rtnetlink" has been added to the 3.14-stable tree
@ 2016-05-16 21:49 gregkh
  0 siblings, 0 replies; only message in thread
From: gregkh @ 2016-05-16 21:49 UTC (permalink / raw)
  To: kangjielu, davem, gregkh, kjlu; +Cc: stable, stable-commits


This is a note to let you know that I've just added the patch titled

    net: fix infoleak in rtnetlink

to the 3.14-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     net-fix-infoleak-in-rtnetlink.patch
and it can be found in the queue-3.14 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@vger.kernel.org> know about it.


>From foo@baz Mon May 16 14:28:53 PDT 2016
From: Kangjie Lu <kangjielu@gmail.com>
Date: Tue, 3 May 2016 16:46:24 -0400
Subject: net: fix infoleak in rtnetlink
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Status: RO
Content-Length: 1317
Lines: 44

From: Kangjie Lu <kangjielu@gmail.com>

[ Upstream commit 5f8e44741f9f216e33736ea4ec65ca9ac03036e6 ]

The stack object “map” has a total size of 32 bytes. Its last 4
bytes are padding generated by compiler. These padding bytes are
not initialized and sent out via “nla_put”.

Signed-off-by: Kangjie Lu <kjlu@gatech.edu>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 net/core/rtnetlink.c |   18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -1010,14 +1010,16 @@ static int rtnl_fill_ifinfo(struct sk_bu
 		goto nla_put_failure;
 
 	if (1) {
-		struct rtnl_link_ifmap map = {
-			.mem_start   = dev->mem_start,
-			.mem_end     = dev->mem_end,
-			.base_addr   = dev->base_addr,
-			.irq         = dev->irq,
-			.dma         = dev->dma,
-			.port        = dev->if_port,
-		};
+		struct rtnl_link_ifmap map;
+
+		memset(&map, 0, sizeof(map));
+		map.mem_start   = dev->mem_start;
+		map.mem_end     = dev->mem_end;
+		map.base_addr   = dev->base_addr;
+		map.irq         = dev->irq;
+		map.dma         = dev->dma;
+		map.port        = dev->if_port;
+
 		if (nla_put(skb, IFLA_MAP, sizeof(map), &map))
 			goto nla_put_failure;
 	}


Patches currently in stable-queue which might be from kangjielu@gmail.com are

queue-3.14/net-fix-a-kernel-infoleak-in-x25-module.patch
queue-3.14/net-fix-infoleak-in-llc.patch
queue-3.14/net-fix-infoleak-in-rtnetlink.patch

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2016-05-16 21:49 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-05-16 21:49 Patch "net: fix infoleak in rtnetlink" has been added to the 3.14-stable tree gregkh

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox