forked from Minki/linux
2f2d0088eb
When a client has a USB device attached over IP, the vhci_hcd driver is
locally leaking a socket pointer address via the
/sys/devices/platform/vhci_hcd/status file (world-readable) and in debug
output when "usbip --debug port" is run.
Fix it to not leak. The socket pointer address is not used at the moment
and it was made visible as a convenient way to find IP address from socket
pointer address by looking up /proc/net/{tcp,tcp6}.
As this opens a security hole, the fix replaces socket pointer address with
sockfd.
Reported-by: Secunia Research <vuln@secunia.com>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|---|---|---|
| .. | ||
| Kconfig | ||
| Makefile | ||
| README | ||
| stub_dev.c | ||
| stub_main.c | ||
| stub_rx.c | ||
| stub_tx.c | ||
| stub.h | ||
| usbip_common.c | ||
| usbip_common.h | ||
| usbip_event.c | ||
| vhci_hcd.c | ||
| vhci_rx.c | ||
| vhci_sysfs.c | ||
| vhci_tx.c | ||
| vhci.h | ||
| vudc_dev.c | ||
| vudc_main.c | ||
| vudc_rx.c | ||
| vudc_sysfs.c | ||
| vudc_transfer.c | ||
| vudc_tx.c | ||
| vudc.h | ||
TODO: - more discussion about the protocol - testing - review of the userspace interface - document the protocol Please send patches for this code to Greg Kroah-Hartman <greg@kroah.com>