On Mon, Aug 29, 2022 at 09:34:24AM +0200, Maxime Coquelin wrote:
> If the VDUSE application provides a smaller config space
> than the driver expects, the driver may use uninitialized
> memory from the stack.
>
> This patch prevents it by initializing the buffer passed by
> the driver to store the config value.
>
> This fix addresses CVE-2022-2308.
>
> Cc: xieyongji at bytedance.com
> Cc: stable at vger.kernel.org # v5.15+
> Fixes: c8a6153b6c59 ("vduse: Introduce VDUSE - vDPA Device in Userspace")
>
> Acked-by: Jason Wang <jasowang at redhat.com>
> Signed-off-by: Maxime Coquelin <maxime.coquelin at redhat.com>

Please no blank line above the Acked-by: line here if possible.

thanks,

greg k-h

Maxime Coquelin
2022-Aug-31 15:01 UTC
[PATCH v2] vduse: prevent uninitialized memory accesses
On 8/29/22 09:48, Greg KH wrote:
> On Mon, Aug 29, 2022 at 09:34:24AM +0200, Maxime Coquelin wrote:
>> If the VDUSE application provides a smaller config space
>> than the driver expects, the driver may use uninitialized
>> memory from the stack.
>>
>> This patch prevents it by initializing the buffer passed by
>> the driver to store the config value.
>>
>> This fix addresses CVE-2022-2308.
>>
>> Cc: xieyongji at bytedance.com
>> Cc: stable at vger.kernel.org # v5.15+
>> Fixes: c8a6153b6c59 ("vduse: Introduce VDUSE - vDPA Device in Userspace")
>>
>> Acked-by: Jason Wang <jasowang at redhat.com>
>> Signed-off-by: Maxime Coquelin <maxime.coquelin at redhat.com>
>
> Please no blank line above the Acked-by: line here if possible.

Sure.

Jason, do you prefer I post a new revision with this single change or
you will handle it while applying? Either way is fine to me.

Thanks,
Maxime

> thanks,
>
> greg k-h
>
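
The failure mode named in the commit message, as an added userspace model that is not part of the thread and is not the kernel patch: a config read that is larger than the config space leaves the caller's buffer untouched unless the callee initializes it first. All names here are hypothetical, and the early-return shape of the "before" function is an assumption, since the diff itself is not shown on this page.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical userspace model: config space whose size the device side chose. */
struct dev_model { const unsigned char *config; unsigned int config_size; };
typedef void (*get_config_fn)(const struct dev_model *, unsigned int, void *, unsigned int);

/* Assumed "before" shape: a read that does not fit returns early, buf untouched. */
static void get_config_unchecked(const struct dev_model *d, unsigned int offset,
                                 void *buf, unsigned int len)
{
    if (offset > d->config_size || len > d->config_size - offset)
        return;
    memcpy(buf, d->config + offset, len);
}

/* Hardened shape: define every byte first, then copy only what exists. */
static void get_config_initialized(const struct dev_model *d, unsigned int offset,
                                   void *buf, unsigned int len)
{
    memset(buf, 0, len);
    if (offset > d->config_size)
        return;
    if (len > d->config_size - offset)
        len = d->config_size - offset;
    memcpy(buf, d->config + offset, len);
}

/* Reads `want` (<= 16) bytes of a 4-byte config; returns how many stay 0xAA. */
static unsigned int stale_bytes(get_config_fn get, unsigned int want)
{
    static const unsigned char small_cfg[4] = { 1, 2, 3, 4 };
    struct dev_model d = { small_cfg, sizeof small_cfg };
    unsigned char buf[16];
    unsigned int i, n = 0;
    memset(buf, 0xAA, sizeof buf); /* constructed stand-in for stale stack data */
    get(&d, 0, buf, want);
    for (i = 0; i < want; i++)
        n += (buf[i] == 0xAA);
    return n;
}

int main(void)
{
    printf("stale bytes: unchecked=%u initialized=%u\n",
           stale_bytes(get_config_unchecked, 8), stale_bytes(get_config_initialized, 8));
    return 0;
}
```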