** Changed in: linux (Ubuntu Zesty)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1700077
Title:
aacraid driver may return uninitialized stack data to userspace
Status in linux package in Ubuntu:
Fix Committed
Status in linux source package in Zesty:
Fix Committed
Bug description:
SRU Justification
Impact: Recent aacraid backports introduce potential information
leaks, where some stack allocated memory may be copied to userspace
without initialization.
Fix: Clear out the affected memory before using it to ensure that none
is left uninitialized.
Test Case: None. Code review should be sufficient to validate the
changes.
Regression Potential: Negligible. The patch simply memsets some
structs to clear them out prior to any other use.
---
aac_send_raw_srb() and aac_get_hba_info() both copy the contents of
stack variables to userspace when some of this memory may be
uninitialized. The memory should be zeroed out initially to prevent
this.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1700077/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
