svn commit: r343262 - head/sys/amd64/linux
Cy Schubert
Cy.Schubert at cschubert.com
Mon Jan 21 19:02:29 UTC 2019
On January 21, 2019 8:25:41 AM PST, Ed Maste <emaste at FreeBSD.org> wrote:
>Author: emaste
>Date: Mon Jan 21 16:25:40 2019
>New Revision: 343262
>URL: https://svnweb.freebsd.org/changeset/base/343262
>
>Log:
> linuxulator: fix stack memory disclosure in linux_sigaltstack
>
> admbugs: 765
> Reported by: Vlad Tsyrklevich <vlad at tsyrklevich.net>
> Reviewed by: andrew
> MFC after: 1 day
> Security: Kernel memory disclosure
> Sponsored by: The FreeBSD Foundation
>
>Modified:
> head/sys/amd64/linux/linux_machdep.c
>
>Modified: head/sys/amd64/linux/linux_machdep.c
>==============================================================================
>--- head/sys/amd64/linux/linux_machdep.c Mon Jan 21 16:21:03
>2019 (r343261)
>+++ head/sys/amd64/linux/linux_machdep.c Mon Jan 21 16:25:40
>2019 (r343262)
>@@ -201,6 +201,7 @@ linux_sigaltstack(struct thread *td, struct
>linux_siga
> l_stack_t lss;
> int error;
>
>+ memset(&lss, 0, sizeof(lss));
> LINUX_CTR2(sigaltstack, "%p, %p", uap->uss, uap->uoss);
>
> if (uap->uss != NULL) {
Do we have a CVE for this?
--
Pardon the typos and autocorrect, small keyboard in use.
Cheers,
Cy Schubert <Cy.Schubert at cschubert.com>
FreeBSD UNIX: <cy at FreeBSD.org> Web: http://www.FreeBSD.org
The need of the many outweighs the greed of the few.
More information about the svn-src-all
mailing list