Re: [PATCH v2] vduse: prevent uninitialized memory accesses

From: Greg KH
Date: Mon Aug 29 2022 - 03:49:52 EST

Next message: tip-bot2 for Anshuman Khandual: "[tip: perf/core] perf: Capture branch privilege information"
Previous message: Wang, Wei W: "RE: [RFC PATCH 0/2] KVM: VMX: Fix VM entry failure on PT_MODE_HOST_GUEST while host is using PT"
In reply to: Maxime Coquelin: "[PATCH v2] vduse: prevent uninitialized memory accesses"
Next in thread: Maxime Coquelin: "Re: [PATCH v2] vduse: prevent uninitialized memory accesses"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Aug 29, 2022 at 09:34:24AM +0200, Maxime Coquelin wrote:
> If the VDUSE application provides a smaller config space
> than the driver expects, the driver may use uninitialized
> memory from the stack.
>
> This patch prevents it by initializing the buffer passed by
> the driver to store the config value.
>
> This fix addresses CVE-2022-2308.
>
> Cc: xieyongji@xxxxxxxxxxxxx
> Cc: stable@xxxxxxxxxxxxxxx # v5.15+
> Fixes: c8a6153b6c59 ("vduse: Introduce VDUSE - vDPA Device in Userspace")
>
> Acked-by: Jason Wang <jasowang@xxxxxxxxxx>
> Signed-off-by: Maxime Coquelin <maxime.coquelin@xxxxxxxxxx>

Please no blank line above the Acked-by: line here if possible.

thanks,

greg k-h

Next message: tip-bot2 for Anshuman Khandual: "[tip: perf/core] perf: Capture branch privilege information"
Previous message: Wang, Wei W: "RE: [RFC PATCH 0/2] KVM: VMX: Fix VM entry failure on PT_MODE_HOST_GUEST while host is using PT"
In reply to: Maxime Coquelin: "[PATCH v2] vduse: prevent uninitialized memory accesses"
Next in thread: Maxime Coquelin: "Re: [PATCH v2] vduse: prevent uninitialized memory accesses"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]