scsi: stex: Properly zero out the passthrough command structure (0f6fcb8c) · Commits · Summer2022 / 22b970264

Commit 0f6fcb8c authored 2 years ago by

Linus Torvalds Committed by Yongqiang Liu 2 years ago

scsi: stex: Properly zero out the passthrough command structure

stable inclusion
from stable-v4.19.262
commit a99c5e38dc6c3dc3da28489b78db09a4b9ffc8c3
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I5ROPX
CVE: CVE-2022-40768

-------------------------------

commit 6022f210461fef67e6e676fd8544ca02d1bcfa7a upstream.

The passthrough structure is declared off of the stack, so it needs to be
set to zero before copied back to userspace to prevent any unintentional
data leakage.  Switch things to be statically allocated which will fill the
unused fields with 0 automatically.

Link: https://lore.kernel.org/r/YxrjN3OOw2HHl9tx@kroah.com


Cc: stable@kernel.org
Cc: "James E.J. Bottomley" <jejb@linux.ibm.com>
Cc: "Martin K. Petersen" <martin.petersen@oracle.com>
Cc: Dan Carpenter <dan.carpenter@oracle.com>
Reported-by: hdthky <hdthky0@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Lu Jialin <lujialin4@huawei.com>
Reviewed-by: GONG Ruiqi <gongruiqi1@huawei.com>
Reviewed-by: Cai Xinchen <caixinchen1@huawei.com>
Reviewed-by: Wang Weiyang <wangweiyang2@huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13@huawei.com>

parent 09135a1c

No related branches found

No related tags found

Hide whitespace changes

Inline Side-by-side

Showing with 10 additions and 9 deletions

Please register or to comment