From: Greg KH <gregkh@linuxfoundation.org>
To: Fuqian Huang <huangfq.daxian@gmail.com>
Cc: Stable@vger.kernel.org
Subject: Re: [PATCH 4.14] atm:idt77252: Fix a kernel address leakage in idt77252
Date: Thu, 18 Apr 2019 09:42:22 +0200 [thread overview]
Message-ID: <20190418074222.GA17393@kroah.com> (raw)
In-Reply-To: <20190418071721.12666-1-huangfq.daxian@gmail.com>
On Thu, Apr 18, 2019 at 03:17:21PM +0800, Fuqian Huang wrote:
> From: Fuqian Huang <huangfq.daxian@gmail.com>
>
> As there is still no hash for %p to print the address in linux 4.14,
> the address of function idt77252_init will be printed to syslog.
> Outputting kernel addresses will reveal the locations of kernel code
> and data. This case is similar to CVE-2018-7273[1].
>
> Also, there is no need to print the address of
> function idt77252_init in idt77252_init.
> Just remove the print statement.
>
> [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7273
>
> Cc: <Stable@vger.kernel.org> # v4.14+
> Signed-off-by: Fuqian Huang <huangfq.daxian@gmail.com>
> ---
> drivers/atm/idt77252.c | 2 --
> 1 file changed, 2 deletions(-)
>
> diff --git a/drivers/atm/idt77252.c b/drivers/atm/idt77252.c
> index 47f3c4a..76e7736 100644
> --- a/drivers/atm/idt77252.c
> +++ b/drivers/atm/idt77252.c
> @@ -3743,8 +3743,6 @@ static int __init idt77252_init(void)
> {
> struct sk_buff *skb;
>
> - printk("%s: at %p\n", __func__, idt77252_init);
If you look at commit ad67b74d2469 ("printk: hash addresses printed with
%p"), I think you missed about 14000 other instances you need to fix up :)
I suggest, if you really care about this issue in your 4.14-based kernel
tree, that you just backport these pointer printk patches and be done
with it. That's too big of a change to accept into the 4.14.y LTS
kernel, but as the lifespan for 4.14.y running on a "general purpose"
system is probably only a few more months at most, I would recomment
just using 4.19.y instead as this isn't an issue at all there.
thanks,
greg k-h
next prev parent reply other threads:[~2019-04-18 7:42 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-18 7:17 [PATCH 4.14] atm:idt77252: Fix a kernel address leakage in idt77252 Fuqian Huang
2019-04-18 7:42 ` Greg KH [this message]
-- strict thread matches above, loose matches on Subject: below --
2019-04-16 12:37 Fuqian Huang
2019-04-16 12:46 ` Greg KH
2019-04-16 14:27 ` Fuqian Huang
2019-04-17 6:14 ` Greg KH
2019-04-16 12:31 Fuqian Huang
2019-04-16 7:11 Fuqian Huang
2019-04-16 8:57 ` Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190418074222.GA17393@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=Stable@vger.kernel.org \
--cc=huangfq.daxian@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).