Re: [stable] [patch 1/1] sys_get_thread_area does not clear the returned argument
From: Chris Wright
Date: Sun Jul 31 2005 - 00:18:57 EST
* blaisorblade@xxxxxxxx (blaisorblade@xxxxxxxx) wrote:
>
> From: Blaisorblade <blaisorblade@xxxxxxxx>
> CC: <stable@xxxxxxxxxx>
>
> sys_get_thread_area does not memset to 0 its struct user_desc info before
> copying it to user space... since sizeof(struct user_desc) is 16 while the
> actual datas which are filled are only 12 bytes + 9 bits (across the
> bitfields), there is a (small) information leak.
>
> This was already committed to Linus' repository.
Thanks, queued to -stable.
-chris
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/