usb: misc: sisusbvga: fix information leak to userland

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Structure sisusb_info is copied to userland with "sisusb_reserved" field
uninitialized. It leads to leaking of contents of kernel stack memory.

Signed-off-by: Vasiliy Kulikov <segooon@gmail.com>
Cc: stable <stable@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

authored by

Vasiliy Kulikov and committed by

Greg Kroah-Hartman 15 years ago 5dc92cf1 28609d40

1 changed file

expand all

drivers

usb

misc

sisusbvga

sisusb.c

drivers/usb/misc/sisusbvga/sisusb.c

··· 3008 3008 #else 3009 3009 x.sisusb_conactive = 0; 3010 3010 #endif 3011 + memset(x.sisusb_reserved, 0, sizeof(x.sisusb_reserved)); 3011 3012 3012 3013 if (copy_to_user((void __user *)arg, &x, sizeof(x))) 3013 3014 retval = -EFAULT;