Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-21 19:41:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update atyfb_base.c

Browse Source 
Structure atyclk is copied to userland with padding bytes after
"vclk_post_div" field unitialized.  It leads to leaking of
contents of kernel stack memory.  We have to initialize them to zero. or it will allows local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this structure
This commit is contained in:
sohu0106 2017-07-30 12:05:46 +08:00 committed by GitHub
parent 0a07b238e5
commit 4523622d27
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
drivers/video/fbdev/aty/atyfb_base.c
View File

@ -1857,6 +1857,9 @@ static int atyfb_ioctl(struct fb_info *info, u_int cmd, u_long arg)
if (M64_HAS(INTEGRATED)) {
struct atyclk clk;
union aty_pll *pll = &par->pll;
memset( &clk, 0, sizeof(struct atyclk) );
u32 dsp_config = pll->ct.dsp_config;
u32 dsp_on_off = pll->ct.dsp_on_off;
clk.ref_clk_per = par->ref_clk_per;