From patchwork Tue May 24 17:53:36 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Kamal Mostafa X-Patchwork-Id: 625800 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) by ozlabs.org (Postfix) with ESMTP id 3rDjk63RtWz9t82; Wed, 25 May 2016 03:55:26 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.76) (envelope-from ) id 1b5GY7-00013Z-UE; Tue, 24 May 2016 17:55:23 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.76) (envelope-from ) id 1b5GWT-0000CS-Cm for kernel-team@lists.ubuntu.com; Tue, 24 May 2016 17:53:41 +0000 Received: from 1.general.kamal.us.vpn ([10.172.68.52] helo=fourier) by youngberry.canonical.com with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.76) (envelope-from ) id 1b5GWS-0006IF-J0; Tue, 24 May 2016 17:53:40 +0000 Received: from kamal by fourier with local (Exim 4.86_2) (envelope-from ) id 1b5GWP-0000OE-TJ; Tue, 24 May 2016 10:53:37 -0700 From: Kamal Mostafa To: Kangjie Lu Subject: [4.2.y-ckt stable] Patch "net: fix infoleak in llc" has been added to the 4.2.y-ckt tree Date: Tue, 24 May 2016 10:53:36 -0700 Message-Id: <1464112416-1461-1-git-send-email-kamal@canonical.com> X-Mailer: git-send-email 2.7.4 MIME-Version: 1.0 X-Extended-Stable: 4.2 Cc: Kamal Mostafa , Kangjie Lu , "David S . Miller" , kernel-team@lists.ubuntu.com X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.14 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: kernel-team-bounces@lists.ubuntu.com This is a note to let you know that I have just added a patch titled net: fix infoleak in llc to the linux-4.2.y-queue branch of the 4.2.y-ckt extended stable tree which can be found at: https://git.launchpad.net/~canonical-kernel/linux/+git/linux-stable-ckt/log/?h=linux-4.2.y-queue This patch is scheduled to be released in version 4.2.8-ckt11. If you, or anyone else, feels it should not be added to this tree, please reply to this email. For more information about the 4.2.y-ckt tree, see https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable Thanks. -Kamal ---8<------------------------------------------------------------ From e11f24702a626365d66daa41cd326298a221f819 Mon Sep 17 00:00:00 2001 From: Kangjie Lu Date: Tue, 3 May 2016 16:35:05 -0400 Subject: net: fix infoleak in llc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [ Upstream commit b8670c09f37bdf2847cc44f36511a53afc6161fd ] The stack object “info” has a total size of 12 bytes. Its last byte is padding which is not initialized and leaked via “put_cmsg”. Signed-off-by: Kangjie Lu Signed-off-by: David S. Miller Signed-off-by: Kamal Mostafa --- net/llc/af_llc.c | 1 + 1 file changed, 1 insertion(+) -- 2.7.4 diff --git a/net/llc/af_llc.c b/net/llc/af_llc.c index 8dab4e5..bb8edb9 100644 --- a/net/llc/af_llc.c +++ b/net/llc/af_llc.c @@ -626,6 +626,7 @@ static void llc_cmsg_rcv(struct msghdr *msg, struct sk_buff *skb) if (llc->cmsg_flags & LLC_CMSG_PKTINFO) { struct llc_pktinfo info; + memset(&info, 0, sizeof(info)); info.lpi_ifindex = llc_sk(skb->sk)->dev->ifindex; llc_pdu_decode_dsap(skb, &info.lpi_sap); llc_pdu_decode_da(skb, info.lpi_mac);