Home Home > GIT Browse > stable
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJiri Slaby <jslaby@suse.cz>2019-08-16 22:01:45 +0200
committerJiri Slaby <jslaby@suse.cz>2019-08-16 22:25:10 +0200
commit2bd4a22fae988f9a3a39ca1eecb357e546e0aa4f (patch)
tree51b34641c13249524d391b76ff921f1f9fb6a861
parent7c2ce4f570100df0798acfe24ec06afe8c3fa64e (diff)
can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices
-rw-r--r--patches.kernel.org/5.2.9-122-can-peak_usb-pcan_usb_fd-Fix-info-leaks-to-USB-.patch40
-rw-r--r--series.conf1
2 files changed, 41 insertions, 0 deletions
diff --git a/patches.kernel.org/5.2.9-122-can-peak_usb-pcan_usb_fd-Fix-info-leaks-to-USB-.patch b/patches.kernel.org/5.2.9-122-can-peak_usb-pcan_usb_fd-Fix-info-leaks-to-USB-.patch
new file mode 100644
index 0000000000..3dc47375cd
--- /dev/null
+++ b/patches.kernel.org/5.2.9-122-can-peak_usb-pcan_usb_fd-Fix-info-leaks-to-USB-.patch
@@ -0,0 +1,40 @@
+From: Tomas Bortoli <tomasbortoli@gmail.com>
+Date: Wed, 31 Jul 2019 10:54:47 -0400
+Subject: [PATCH] can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices
+References: bnc#1012628
+Patch-mainline: 5.2.9
+Git-commit: 30a8beeb3042f49d0537b7050fd21b490166a3d9
+
+commit 30a8beeb3042f49d0537b7050fd21b490166a3d9 upstream.
+
+Uninitialized Kernel memory can leak to USB devices.
+
+Fix by using kzalloc() instead of kmalloc() on the affected buffers.
+
+Signed-off-by: Tomas Bortoli <tomasbortoli@gmail.com>
+Reported-by: syzbot+513e4d0985298538bf9b@syzkaller.appspotmail.com
+Fixes: 0a25e1f4f185 ("can: peak_usb: add support for PEAK new CANFD USB adapters")
+Cc: linux-stable <stable@vger.kernel.org>
+Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jslaby@suse.cz>
+---
+ drivers/net/can/usb/peak_usb/pcan_usb_fd.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/drivers/net/can/usb/peak_usb/pcan_usb_fd.c b/drivers/net/can/usb/peak_usb/pcan_usb_fd.c
+index 34761c3a6286..47cc1ff5b88e 100644
+--- a/drivers/net/can/usb/peak_usb/pcan_usb_fd.c
++++ b/drivers/net/can/usb/peak_usb/pcan_usb_fd.c
+@@ -841,7 +841,7 @@ static int pcan_usb_fd_init(struct peak_usb_device *dev)
+ goto err_out;
+
+ /* allocate command buffer once for all for the interface */
+- pdev->cmd_buffer_addr = kmalloc(PCAN_UFD_CMD_BUFFER_SIZE,
++ pdev->cmd_buffer_addr = kzalloc(PCAN_UFD_CMD_BUFFER_SIZE,
+ GFP_KERNEL);
+ if (!pdev->cmd_buffer_addr)
+ goto err_out_1;
+--
+2.22.0
+
diff --git a/series.conf b/series.conf
index 8be17f9e32..ae3d7a20cd 100644
--- a/series.conf
+++ b/series.conf
@@ -1142,6 +1142,7 @@
patches.kernel.org/5.2.9-119-ALSA-usb-audio-fix-a-memory-leak-bug.patch
patches.kernel.org/5.2.9-120-KVM-nSVM-properly-map-nested-VMCB.patch
patches.kernel.org/5.2.9-121-can-peak_usb-pcan_usb_pro-Fix-info-leaks-to-USB.patch
+ patches.kernel.org/5.2.9-122-can-peak_usb-pcan_usb_fd-Fix-info-leaks-to-USB-.patch
########################################################
# Build fixes that apply to the vanilla kernel too.