x86/mce: Potential Information Leak in __mce_read_apei Due to Uninitialized Bytes

From: Haoyu Li
Date: Thu Jan 30 2025 - 07:28:06 EST


Dear Linux Kernel Developers,

I hope this email finds you well.

I would like to bring to your attention a potential issue in the
"__mce_read_apei" function. Specifically, the struct mce m is
initialized via the "apei_read_mce" function before being copied to
user space. However, upon inspecting the call trace (apei_read_mce ->
erst_read_record -> erst_read), we found that not all fields of struct
mce are properly initialized.

This could lead to an information leak due to uninitialized bytes
being exposed to user space.

Could you please confirm if this is a valid concern? Looking forward
to your insights.

Best regards,
Haoyu Li
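
The bug class described in the message above, shown as an added user-space example that is not part of the original email and is not kernel code: a structure is only partly filled by a read routine and then copied out whole, so any bytes the routine did not write, padding included, carry whatever was in that memory before. The names `struct rec`, `read_record` and `leaked_bytes`, the 16-byte stored record and the 0xAA poison pattern are assumptions made for the demonstration; the poison fill models stale stack contents in a well-defined way.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define POISON 0xAA /* stands in for stale kernel stack contents */

/* Hypothetical record layout; NOT the kernel's struct mce. */
struct rec {
    uint64_t status;
    uint64_t addr;
    uint8_t  cpu;   /* compiler inserts padding after this field */
    uint64_t extra; /* not covered by the short stored record */
};

/* Constructed sample: stored data shorter than struct rec. */
static const uint8_t stored[16] = { 0x11, 0x22, 0x33, 0x44 };

/* Stand-in for the read path: writes only the bytes that were stored. */
static void read_record(struct rec *r)
{
    memcpy(r, stored, sizeof(stored));
}

/* Returns how many stale (poison) bytes reach the "user" buffer. */
size_t leaked_bytes(int zero_first)
{
    struct rec r;
    uint8_t ubuf[sizeof(r)];
    size_t i, n = 0;

    memset(&r, POISON, sizeof(r));  /* model old data left in the stack slot */
    if (zero_first)
        memset(&r, 0, sizeof(r));   /* hardened: clear fields and padding */
    read_record(&r);
    memcpy(ubuf, &r, sizeof(r));    /* stand-in for copy_to_user() of the whole struct */

    for (i = 0; i < sizeof(ubuf); i++)
        n += (ubuf[i] == POISON);
    return n;
}

int main(void)
{
    printf("no memset: %zu stale bytes\n", leaked_bytes(0));
    printf("memset:    %zu stale bytes\n", leaked_bytes(1));
    return 0;
}
```

Zeroing the whole structure with `memset` before the read, rather than relying on a field-by-field initializer, is what also clears the padding bytes.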