[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] Linux kernel: driver/video/fbdev/aty/atyfb_base.c: atyfb_ioctl() stack infoleak
From: sohu0106 <sohu0106 () 126 ! com>
Date: 2017-07-30 4:49:04
Message-ID: 40339054.1134.15d91d384bc.Coremail.sohu0106 () 126 ! com
[Download RAW message or body]
[Attachment #2 (text/plain)]
driver/video/fbdev/aty/atyfb_base.c
In atyfb_ioctl() structure atyclk is copied to userland with padding bytes after
"vclk_post_div" field unitialized. It leads to leaking of
contents of kernel stack memory. We have to initialize them to zero. or it will allows local \
users to obtain potentially sensitive information from kernel stack memory by reading a copy of \
this structure
https://github.com/torvalds/linux/pull/441
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic