[PATCH 0/2] Fix info leaks on export for udf and isofs

From: Mathias Krause
Date: Thu Jul 12 2012 - 02:47:48 EST

Next message: Mathias Krause: "[PATCH 1/2] isofs: avoid info leak on export"
Previous message: Mel Gorman: "[PATCH 13/16] mm: Micro-optimise slab to avoid a function call"
Next in thread: Mathias Krause: "[PATCH 1/2] isofs: avoid info leak on export"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Al, Jan,

this patch set fixes info leaks in isofs and udf. Both file systems fail to
initialize all bytes of the f_handle byte array when creating a handle for a
path pointing to a directory. This memory gets copied to userland and that for
is a leak of uninitialized heap data to userland that should be fixed.

This info leak can be triggered locally by using the name_to_handle_at()
syscall.

Regards,

Mathias Krause (2):
isofs: avoid info leak on export
udf: avoid info leak on export

fs/isofs/export.c | 1 +
fs/udf/namei.c | 1 +
2 files changed, 2 insertions(+)

--
1.7.10.4

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Mathias Krause: "[PATCH 1/2] isofs: avoid info leak on export"
Previous message: Mel Gorman: "[PATCH 13/16] mm: Micro-optimise slab to avoid a function call"
Next in thread: Mathias Krause: "[PATCH 1/2] isofs: avoid info leak on export"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]