Re: [PATCH net] can: kvaser_usb: kvaser_usb_leaf: Fix some info-leaks to USB devices

From: Marc Kleine-Budde
Date: Fri Jan 09 2026 - 03:19:10 EST


On 09.01.2026 08:50:03, Vincent Mailhol wrote:
> +CC: Jimmy
>
> On 09/01/2026 at 02:36, Jerry Wu wrote:
> > Uninitialized Kernel memory can leak to USB devices.
>
> Please explain in your description which field(s) is(are) uninitialized
> in cmd.

Some memory at the end of struct kvaser_cmd is uninitialized, but
usb_bulk_msg() doesn't send the whole struct.

regards,
Marc

P.S.: It may be a coincidence, but Kery Qi's patch [1] had a similar
form. You take the bug class of an existing CVE and search for the same
pattern in other drivers. I like the idea. Please take a little more
time and check whether it really is a bug before sending bug fix
patches. Otherwise please label the patches accordingly.

[1] https://lore.kernel.org/all/20260108082042.1627-1-qikeyu2017@xxxxxxxxx/

--
Pengutronix e.K. | Marc Kleine-Budde |
Embedded Linux | https://www.pengutronix.de |
Vertretung Nürnberg | Phone: +49-5121-206917-129 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-9 |

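The check raised in the reply above, whether uninitialized bytes of an on-stack command actually fall inside the length handed to the transmit call, as an added example that is not part of the original message or of the kernel driver. `struct demo_cmd`, its fields, `POISON` and both helper functions are hypothetical and constructed for illustration; they do not reproduce the layout of `struct kvaser_cmd`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical command layout (constructed; not the driver's struct). */
struct demo_cmd {
    uint8_t len;                 /* bytes the sender will transmit */
    uint8_t id;
    union {
        struct { uint8_t tid; uint8_t channel; } simple; /* short variant */
        uint8_t raw[30];                                 /* longest variant */
    } u;
};

#define POISON 0xAA /* stands in for stale stack contents; no field below uses it */

/* Fill a short command field by field, with no zeroing of the struct. */
static void build_simple(struct demo_cmd *cmd)
{
    memset(cmd, POISON, sizeof(*cmd)); /* simulate an uninitialized stack slot */
    cmd->id = 0x10;
    cmd->len = offsetof(struct demo_cmd, u) + sizeof(cmd->u.simple);
    cmd->u.simple.tid = 1;
    cmd->u.simple.channel = 0;
}

/* Count never-written bytes inside the first tx_len bytes of the command. */
static size_t stale_bytes_sent(const struct demo_cmd *cmd, size_t tx_len)
{
    const uint8_t *p = (const uint8_t *)cmd;
    size_t n = 0;

    if (tx_len > sizeof(*cmd))
        tx_len = sizeof(*cmd);
    for (size_t i = 0; i < tx_len; i++)
        if (p[i] == POISON)
            n++;
    return n;
}

int main(void)
{
    struct demo_cmd cmd;

    build_simple(&cmd);
    /* Sending only cmd.len bytes exposes nothing; sending sizeof(cmd) would. */
    printf("tx_len=cmd.len     -> %zu stale bytes\n", stale_bytes_sent(&cmd, cmd.len));
    printf("tx_len=sizeof(cmd) -> %zu stale bytes\n", stale_bytes_sent(&cmd, sizeof(cmd)));
    return 0;
}
```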