kernel/sys.c: fix stack memory content leak via UNAME26 - blaster4385/linux-IllusionX - Linux kernel with personal config changes for arch linux

diff options

author	Kees Cook <[email protected]>	2012-10-19 13:56:51 -0700
committer	Linus Torvalds <[email protected]>	2012-10-19 14:07:47 -0700
commit	2702b1526c7278c4d65d78de209a465d4de2885e (patch)
tree	a41af3d56a6e37af19bc7ed392f2580750ba86cb /tools/perf/util/scripting-engines/trace-event-python.c
parent	1d46e232f8637f31f8df2e50b27fd20d8135bd93 (diff)

kernel/sys.c: fix stack memory content leak via UNAME26

Calling uname() with the UNAME26 personality set allows a leak of kernel stack contents. This fixes it by defensively calculating the length of copy_to_user() call, making the len argument unsigned, and initializing the stack buffer to zero (now technically unneeded, but hey, overkill). CVE-2012-0957 Reported-by: PaX Team <[email protected]> Signed-off-by: Kees Cook <[email protected]> Cc: Andi Kleen <[email protected]> Cc: PaX Team <[email protected]> Cc: Brad Spengler <[email protected]> Cc: <[email protected]> Signed-off-by: Andrew Morton <[email protected]> Signed-off-by: Linus Torvalds <[email protected]>

Diffstat (limited to 'tools/perf/util/scripting-engines/trace-event-python.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: