summaryrefslogtreecommitdiff
path: root/crypto/crypto_engine.c
diff options
context:
space:
mode:
authorMichael S. Tsirkin <mst@redhat.com>2018-05-12 00:33:10 +0300
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2018-06-26 08:08:08 +0800
commit9681c3bdb098f6c87a0422b6b63912c1b90ad197 (patch)
treea9826b0b9019992a8ef704fffeab18e4a58fb508 /crypto/crypto_engine.c
parenta875bc1c9ec116b7b2b2f15f8edc2a2ac3c51f99 (diff)
vhost: fix info leak due to uninitialized memory
commit 670ae9caaca467ea1bfd325cb2a5c98ba87f94ad upstream. struct vhost_msg within struct vhost_msg_node is copied to userspace. Unfortunately it turns out on 64 bit systems vhost_msg has padding after type which gcc doesn't initialize, leaking 4 uninitialized bytes to userspace. This padding also unfortunately means 32 bit users of this interface are broken on a 64 bit kernel which will need to be fixed separately. Fixes: CVE-2018-1118 Cc: stable@vger.kernel.org Reported-by: Kevin Easton <kevin@guarana.org> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reported-by: syzbot+87cfa083e727a224754b@syzkaller.appspotmail.com Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'crypto/crypto_engine.c')
0 files changed, 0 insertions, 0 deletions