git.karo-electronics.de Git - karo-tx-linux.git/commit

]> git.karo-electronics.de Git - karo-tx-linux.git/commit

author	Kees Cook <keescook@chromium.org>
	Wed, 19 Jun 2013 00:05:44 +0000 (10:05 +1000)
committer	Stephen Rothwell <sfr@canb.auug.org.au>
	Wed, 19 Jun 2013 07:12:51 +0000 (17:12 +1000)
commit	ce15eb53b5111cc990289e5c7a767d215632615d
tree	820e272955f19554a0d110a8660d825fe3747d01	tree \| snapshot
parent	978e3e1bc45a9a191b4d2ada407dc84d47ade820	commit \| diff

block: do not pass disk names as format strings

Disk names may contain arbitrary strings, so they must not be interpreted
as format strings. It seems that only md allows arbitrary strings to be
used for disk names, but this could allow for a local memory corruption
from uid 0 into ring 0.

CVE-2013-2851

Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

block/genhd.c		diff \| blob \| history
drivers/block/nbd.c		diff \| blob \| history
drivers/scsi/osd/osd_uld.c		diff \| blob \| history

Linux kernel for KaRo TX COM modules

RSS Atom