block: do not pass disk names as format strings - kernel/linux.git

diff options

author	Kees Cook <keescook@chromium.org>	2013-07-04 02:01:14 +0400
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2013-07-13 22:39:17 +0400
commit	c014eebac770438b946b6512f0961b0dc64ad0f6 (patch)
tree	138d833e526cf747d6f2704c7131da1e651bbcc5 /crypto
parent	179b66310e735a99c56b2a64fda5b3cbb03d3a97 (diff)
download	linux-c014eebac770438b946b6512f0961b0dc64ad0f6.tar.xz

block: do not pass disk names as format strings

commit ffc8b30866879ed9ba62bd0a86fecdbd51cd3d19 upstream. Disk names may contain arbitrary strings, so they must not be interpreted as format strings. It seems that only md allows arbitrary strings to be used for disk names, but this could allow for a local memory corruption from uid 0 into ring 0. CVE-2013-2851 Signed-off-by: Kees Cook <keescook@chromium.org> Cc: Jens Axboe <axboe@kernel.dk> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Diffstat (limited to 'crypto')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: