Date: Mon, 14 Nov 2016 13:20:47 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-security@FreeBSD.org Subject: [Bug 214488] mqueuefs mq_setattr() leaks stack memory Message-ID: <bug-214488-5710-O9TSiTwnVD@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-214488-5710@https.bugs.freebsd.org/bugzilla/> References: <bug-214488-5710@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214488 --- Comment #1 from commit-hook@freebsd.org --- A commit references this bug: Author: kib Date: Mon Nov 14 13:20:10 UTC 2016 New revision: 308642 URL: https://svnweb.freebsd.org/changeset/base/308642 Log: Initialize reserved bytes in struct mq_attr and its 32compat counterpart, to avoid kernel stack content leak in kmq_setattr(2) syscall. Also slightly simplify the checks around copyout()s. Reported by: Vlad Tsyrklevich <vlad902+spam@gmail.com> PR: 214488 MFC after: 1 week Changes: head/sys/kern/uipc_mqueue.c -- You are receiving this mail because: You are on the CC list for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-214488-5710-O9TSiTwnVD>