git.karo-electronics.de Git - karo-tx-linux.git/commit

]> git.karo-electronics.de Git - karo-tx-linux.git/commit

author	Kees Cook <keescook@chromium.org>
	Thu, 27 Jun 2013 23:51:13 +0000 (09:51 +1000)
committer	Stephen Rothwell <sfr@canb.auug.org.au>
	Fri, 28 Jun 2013 06:37:21 +0000 (16:37 +1000)
commit	e0b2b9355a7271964ce6e78b8f6ab546291b2460
tree	cfe39f55cbf9728a730fea4919c29d85420725f3	tree \| snapshot
parent	44ff9d51b1410c0747ec07008fa9705097a2ff8d	commit \| diff

block: do not pass disk names as format strings

Disk names may contain arbitrary strings, so they must not be interpreted
as format strings. It seems that only md allows arbitrary strings to be
used for disk names, but this could allow for a local memory corruption
from uid 0 into ring 0.

CVE-2013-2851

Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

block/genhd.c		diff \| blob \| history
drivers/block/nbd.c		diff \| blob \| history
drivers/scsi/osd/osd_uld.c		diff \| blob \| history

Linux kernel for KaRo TX COM modules

RSS Atom