vduse: prevent uninitialized memory accesses - linux - Linux Kernel (branches are rebased on master from time to time)

diff options

author	Maxime Coquelin <maxime.coquelin@redhat.com>	2022-08-31 17:49:23 +0200
committer	Michael S. Tsirkin <mst@redhat.com>	2022-09-27 18:32:45 -0400
commit	46f8a29272e51b6df7393d58fc5cb8967397ef2b (patch)
tree	c0b4ecf355de210b969535f63d017c7dec0fe64e /drivers/fpga/dfl.c
parent	37fafe6b61e4f15d977982635bb785f4e605f7cd (diff)
download	linux-46f8a29272e51b6df7393d58fc5cb8967397ef2b.tar.bz2

vduse: prevent uninitialized memory accesses

If the VDUSE application provides a smaller config space than the driver expects, the driver may use uninitialized memory from the stack. This patch prevents it by initializing the buffer passed by the driver to store the config value. This fix addresses CVE-2022-2308. Cc: stable@vger.kernel.org # v5.15+ Fixes: c8a6153b6c59 ("vduse: Introduce VDUSE - vDPA Device in Userspace") Reviewed-by: Xie Yongji <xieyongji@bytedance.com> Acked-by: Jason Wang <jasowang@redhat.com> Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com> Message-Id: <20220831154923.97809-1-maxime.coquelin@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Chaitanya Kulkarni <kch@nvidia.com>

Diffstat (limited to 'drivers/fpga/dfl.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: