]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5003a35) | patch
IB: Fix information leak in marshalling code
authorVasiliy Kulikov <segoon@openwall.com>
Sun, 14 Nov 2010 09:22:52 +0000 (09:22 +0000)
committerRoland Dreier <rolandd@cisco.com>
Thu, 2 Dec 2010 00:33:18 +0000 (16:33 -0800)
commit96191ddf3cec1f4621f8e7ed35b0e597ae20ba26
tree3e5f469737873ae4bfc13f6f9f21dfcc112d191etree | snapshot
parent5003a350680625b53668cf71aaed33cde673964ccommit | diff
IB: Fix information leak in marshalling code

ib_ucm_init_qp_attr() and ucma_init_qp_attr() pass struct ib_uverbs_qp_attr
with reserved, qp_state, {ah_attr,alt_ah_attr}{reserved,->grh.reserved}
fields uninitialized to copy_to_user().  This leads to leaking of
contents of kernel stack memory to userspace.

Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
Signed-off-by: Roland Dreier <rolandd@cisco.com>
drivers/infiniband/core/uverbs_marshall.c diff | blob | history
Linux Kernel Source Tree.