[Kernel] Re: [PATCH OpenHarmony-4.19 13/17] can: bcm: fix infoleak in struct bcm_msg_head

在 2021/7/31 11:14, Yu Changchun 写道:

From: Norbert Slusarek

mainline inclusion from mainline-v5.13-rc7 commit 5e87ddbe3942e27e939bdc02deb8579b0cbd8ecc category: bugfix issue: #I42GZO CVE: CVE-2021-34693

--------------------------------

On 64-bit systems, struct bcm_msg_head has an added padding of 4 bytes between struct members count and ival1. Even though all struct members are initialized, the 4-byte hole will contain data from the kernel stack. This patch zeroes out struct bcm_msg_head before usage, preventing infoleaks to userspace.

Fixes: ffd980f976e7 ("[CAN]: Add broadcast manager (bcm) protocol") Link: https://lore.kernel.org/r/trinity-7c1b2e82-e34f-4885-8060-2cd7a13769ce-16235... Cc: linux-stable Signed-off-by: Norbert Slusarek Acked-by: Oliver Hartkopp Signed-off-by: Marc Kleine-Budde Signed-off-by: Yang Yingliang Reviewed-by: Xiu Jianfeng Reviewed-by: Yue Haibing Signed-off-by: Yang Yingliang Signed-off-by: Yu Changchun --- net/can/bcm.c | 3 +++ 1 file changed, 3 insertions(+)

Looks good to me