Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 21 Jan 2019 09:27:46 -0800
From:      Cy Schubert <Cy.Schubert@cschubert.com>
To:        Ed Maste <emaste@FreeBSD.org>, src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   Re: svn commit: r343262 - head/sys/amd64/linux
Message-ID:  <CE31DB81-1298-404F-8788-27C5DDE0C479@cschubert.com>
In-Reply-To: <201901211625.x0LGPfBd047017@repo.freebsd.org>
References:  <201901211625.x0LGPfBd047017@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On January 21, 2019 8:25:41 AM PST, Ed Maste <emaste@FreeBSD=2Eorg> wrote:
>Author: emaste
>Date: Mon Jan 21 16:25:40 2019
>New Revision: 343262
>URL: https://svnweb=2Efreebsd=2Eorg/changeset/base/343262
>
>Log:
>  linuxulator: fix stack memory disclosure in linux_sigaltstack
> =20
>  admbugs:	765
>  Reported by:	Vlad Tsyrklevich <vlad@tsyrklevich=2Enet>
>  Reviewed by:	andrew
>  MFC after:	1 day
>  Security:	Kernel memory disclosure
>  Sponsored by:   The FreeBSD Foundation
>
>Modified:
>  head/sys/amd64/linux/linux_machdep=2Ec
>
>Modified: head/sys/amd64/linux/linux_machdep=2Ec
>=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
>--- head/sys/amd64/linux/linux_machdep=2Ec	Mon Jan 21 16:21:03
>2019	(r343261)
>+++ head/sys/amd64/linux/linux_machdep=2Ec	Mon Jan 21 16:25:40
>2019	(r343262)
>@@ -201,6 +201,7 @@ linux_sigaltstack(struct thread *td, struct
>linux_siga
> 	l_stack_t lss;
> 	int error;
>=20
>+	memset(&lss, 0, sizeof(lss));
> 	LINUX_CTR2(sigaltstack, "%p, %p", uap->uss, uap->uoss);
>=20
> 	if (uap->uss !=3D NULL) {

Do we have a CVE for this?
--=20
Pardon the typos and autocorrect, small keyboard in use=2E
Cheers,
Cy Schubert <Cy=2ESchubert@cschubert=2Ecom>
FreeBSD UNIX: <cy@FreeBSD=2Eorg> Web: http://www=2EFreeBSD=2Eorg

	The need of the many outweighs the greed of the few=2E

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CE31DB81-1298-404F-8788-27C5DDE0C479>