From owner-svn-src-all@freebsd.org Mon Jan 21 19:02:29 2019 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B754414B3E0D; Mon, 21 Jan 2019 19:02:29 +0000 (UTC) (envelope-from cy.schubert@cschubert.com) Received: from smtp-out-no.shaw.ca (smtp-out-no.shaw.ca [64.59.134.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "Client", Issuer "CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 18E5072172; Mon, 21 Jan 2019 19:02:28 +0000 (UTC) (envelope-from cy.schubert@cschubert.com) Received: from spqr.komquats.com ([70.67.125.17]) by shaw.ca with ESMTPA id leq0gAn158uQmleq1gaK7v; Mon, 21 Jan 2019 12:02:26 -0700 X-Authority-Analysis: v=2.3 cv=XKpOtjpE c=1 sm=1 tr=0 a=VFtTW3WuZNDh6VkGe7fA3g==:117 a=VFtTW3WuZNDh6VkGe7fA3g==:17 a=IkcTkHD0fZMA:10 a=3JhidrIBZZsA:10 a=6I5d2MoRAAAA:8 a=hinadew-AAAA:8 a=YxBL1-UpAAAA:8 a=x7BMxHKl1PyEs5WXwGYA:9 a=QEXdDO2ut3YA:10 a=IjZwj45LgO3ly-622nXo:22 a=LikKuh5RR83Sn2yGlEXi:22 a=Ia-lj3WSrqcvXOmTRaiG:22 Received: from android-68f84e02b5988183.esitwifi.local (S0106788a207e2972.gv.shawcable.net [70.66.154.233]) by spqr.komquats.com (Postfix) with ESMTPSA id 49214D9A; Mon, 21 Jan 2019 11:02:50 -0800 (PST) Date: Mon, 21 Jan 2019 09:27:46 -0800 User-Agent: K-9 Mail for Android In-Reply-To: <201901211625.x0LGPfBd047017@repo.freebsd.org> References: <201901211625.x0LGPfBd047017@repo.freebsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Subject: Re: svn commit: r343262 - head/sys/amd64/linux To: Ed Maste , src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org From: Cy Schubert Message-ID: X-CMAE-Envelope: MS4wfJfVXiNw0WZoLheo4CU7ZhoI2SyJA9fzUaU5KRuyXAQEyuq1G7g7i20sT6zIh1lRAob/O/6Cc0JcjMGHKHLIYdKVwU2pyPSxe5j4Q0VmbcR4MI/hg1Il hYBc91sQuzFW6BZ6hjlzKk5ksLIul1bzCW5TLpWLfEtlWKxBlmPYcBQNS2OmC0j2zlqgfblJEIeUsZAC8x1xxJ/yTmyXdqoZOsq+mxLynl495G+co+6dMOxV elsI5QzMM9vX03KH7roiKoQ/VXmlcrjaXXfiUsxJw7fO4p3YZcK56IeTpFVVg7nO X-Rspamd-Queue-Id: 18E5072172 X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-6.99 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_SHORT(-1.00)[-0.996,0]; REPLY(-4.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0] X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Jan 2019 19:02:29 -0000 On January 21, 2019 8:25:41 AM PST, Ed Maste wrote: >Author: emaste >Date: Mon Jan 21 16:25:40 2019 >New Revision: 343262 >URL: https://svnweb=2Efreebsd=2Eorg/changeset/base/343262 > >Log: > linuxulator: fix stack memory disclosure in linux_sigaltstack > =20 > admbugs: 765 > Reported by: Vlad Tsyrklevich > Reviewed by: andrew > MFC after: 1 day > Security: Kernel memory disclosure > Sponsored by: The FreeBSD Foundation > >Modified: > head/sys/amd64/linux/linux_machdep=2Ec > >Modified: head/sys/amd64/linux/linux_machdep=2Ec >=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D >--- head/sys/amd64/linux/linux_machdep=2Ec Mon Jan 21 16:21:03 >2019 (r343261) >+++ head/sys/amd64/linux/linux_machdep=2Ec Mon Jan 21 16:25:40 >2019 (r343262) >@@ -201,6 +201,7 @@ linux_sigaltstack(struct thread *td, struct >linux_siga > l_stack_t lss; > int error; >=20 >+ memset(&lss, 0, sizeof(lss)); > LINUX_CTR2(sigaltstack, "%p, %p", uap->uss, uap->uoss); >=20 > if (uap->uss !=3D NULL) { Do we have a CVE for this? --=20 Pardon the typos and autocorrect, small keyboard in use=2E Cheers, Cy Schubert FreeBSD UNIX: Web: http://www=2EFreeBSD=2Eorg The need of the many outweighs the greed of the few=2E