Maxime Coquelin
2022-Aug-31 15:01 UTC
[PATCH v2] vduse: prevent uninitialized memory accesses
On 8/29/22 09:48, Greg KH wrote:
> On Mon, Aug 29, 2022 at 09:34:24AM +0200, Maxime Coquelin wrote:
>> If the VDUSE application provides a smaller config space
>> than the driver expects, the driver may use uninitialized
>> memory from the stack.
>>
>> This patch prevents it by initializing the buffer passed by
>> the driver to store the config value.
>>
>> This fix addresses CVE-2022-2308.
>>
>> Cc: xieyongji at bytedance.com
>> Cc: stable at vger.kernel.org # v5.15+
>> Fixes: c8a6153b6c59 ("vduse: Introduce VDUSE - vDPA Device in Userspace")
>>
>> Acked-by: Jason Wang <jasowang at redhat.com>
>> Signed-off-by: Maxime Coquelin <maxime.coquelin at redhat.com>
>
> Please no blank line above the Acked-by: line here if possible.

Sure.

Jason, do you prefer I post a new revision with this single change or
you will handle it while applying? Either way is fine to me.

Thanks,
Maxime

> thanks,
>
> greg k-h
>
Michael S. Tsirkin
2022-Aug-31 15:12 UTC
[PATCH v2] vduse: prevent uninitialized memory accesses
On Wed, Aug 31, 2022 at 05:01:11PM +0200, Maxime Coquelin wrote:
> On 8/29/22 09:48, Greg KH wrote:
> > On Mon, Aug 29, 2022 at 09:34:24AM +0200, Maxime Coquelin wrote:
> > > If the VDUSE application provides a smaller config space
> > > than the driver expects, the driver may use uninitialized
> > > memory from the stack.
> > >
> > > This patch prevents it by initializing the buffer passed by
> > > the driver to store the config value.
> > >
> > > This fix addresses CVE-2022-2308.
> > >
> > > Cc: xieyongji at bytedance.com
> > > Cc: stable at vger.kernel.org # v5.15+
> > > Fixes: c8a6153b6c59 ("vduse: Introduce VDUSE - vDPA Device in Userspace")
> > >
> > > Acked-by: Jason Wang <jasowang at redhat.com>
> > > Signed-off-by: Maxime Coquelin <maxime.coquelin at redhat.com>
> >
> > Please no blank line above the Acked-by: line here if possible.
>
> Sure.
>
> Jason, do you prefer I post a new revision with this single change or
> you will handle it while applying? Either way is fine to me.
>
> Thanks,
> Maxime

Repost pls, easier.

> > thanks,
> >
> > greg k-h
> >
Michael S. Tsirkin
2022-Aug-31 15:46 UTC
[PATCH v2] vduse: prevent uninitialized memory accesses
On Wed, Aug 31, 2022 at 05:01:11PM +0200, Maxime Coquelin wrote:
> On 8/29/22 09:48, Greg KH wrote:
> > On Mon, Aug 29, 2022 at 09:34:24AM +0200, Maxime Coquelin wrote:
> > > If the VDUSE application provides a smaller config space
> > > than the driver expects, the driver may use uninitialized
> > > memory from the stack.
> > >
> > > This patch prevents it by initializing the buffer passed by
> > > the driver to store the config value.
> > >
> > > This fix addresses CVE-2022-2308.
> > >
> > > Cc: xieyongji at bytedance.com
> > > Cc: stable at vger.kernel.org # v5.15+
> > > Fixes: c8a6153b6c59 ("vduse: Introduce VDUSE - vDPA Device in Userspace")
> > >
> > > Acked-by: Jason Wang <jasowang at redhat.com>
> > > Signed-off-by: Maxime Coquelin <maxime.coquelin at redhat.com>
> >
> > Please no blank line above the Acked-by: line here if possible.
>
> Sure.
>
> Jason, do you prefer I post a new revision with this single change or
> you will handle it while applying? Either way is fine to me.
>
> Thanks,
> Maxime

I queue these normally.

> > thanks,
> >
> > greg k-h
> >
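
Added example, not code from the patch or the kernel tree: a userspace C model of the condition the quoted commit message describes, where a config space shorter than the driver's read leaves part of a stack buffer unwritten, next to a variant that initializes the buffer first. All names (`model_dev`, `get_config_unsafe`, `get_config_zeroed`, `stale_bytes_after_read`), the 0xAA marker and the choice of zero as the fill value are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical model: a device whose config space comes from a userspace app. */
struct model_dev {
    const unsigned char *config;
    size_t config_size;   /* may be smaller than what the driver asks for */
};

/* Before: a short config space leaves the tail of buf untouched. */
static void get_config_unsafe(const struct model_dev *dev, size_t offset, void *buf, size_t len)
{
    if (offset > dev->config_size)
        return;
    if (len > dev->config_size - offset)
        len = dev->config_size - offset;
    memcpy(buf, dev->config + offset, len);
}

/* After: initialize the caller's buffer first (zero is an assumed fill value). */
static void get_config_zeroed(const struct model_dev *dev, size_t offset, void *buf, size_t len)
{
    memset(buf, 0, len);
    get_config_unsafe(dev, offset, buf, len);
}

/* Driver side: read 8 config bytes into a stack buffer and count the bytes
 * that still hold the 0xAA marker, a constructed stand-in for stale stack data. */
static size_t stale_bytes_after_read(int use_fixed, size_t device_config_size)
{
    static const unsigned char device_config[8] = {1, 2, 3, 4, 5, 6, 7, 8};
    struct model_dev dev = { device_config, device_config_size };
    unsigned char buf[8];
    size_t i, stale = 0;
    memset(buf, 0xAA, sizeof(buf));
    if (use_fixed)
        get_config_zeroed(&dev, 0, buf, sizeof(buf));
    else
        get_config_unsafe(&dev, 0, buf, sizeof(buf));
    for (i = 0; i < sizeof(buf); i++)
        stale += (buf[i] == 0xAA);
    return stale;
}

int main(void)
{
    printf("unsafe: %zu stale, zeroed: %zu stale\n", stale_bytes_after_read(0, 4), stale_bytes_after_read(1, 4));
    return 0;
}
```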