Patchwork [4.14] atm:idt77252: Fix a kernel address leakage in idt77252

login
register
mail settings
Submitter Fuqian Huang
Date April 16, 2019, 6:57 a.m.
Message ID <20190416065727.13303-1-huangfq.daxian@gmail.com>
Download mbox | patch
Permalink /patch/773941/
State New
Headers show

Comments

Fuqian Huang - April 16, 2019, 6:57 a.m.
Outputting kernel addresses will reveal the locations of kernel code
and data. And there is no need to print the address of 
function idt77252_init in idt77252_init. 
This case is similar to CVE-2018-7273[1].
Just remove the print statement.

[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7273

Signed-off-by: Fuqian Huang <huangfq.daxian@gmail.com>
---
 drivers/atm/idt77252.c | 2 --
 1 file changed, 2 deletions(-)
Greg Kroah-Hartman - April 16, 2019, 8:56 a.m.
On Tue, Apr 16, 2019 at 02:57:27PM +0800, Fuqian Huang wrote:
> Outputting kernel addresses will reveal the locations of kernel code
> and data. And there is no need to print the address of 
> function idt77252_init in idt77252_init. 
> This case is similar to CVE-2018-7273[1].
> Just remove the print statement.
> 
> [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7273
> 
> Signed-off-by: Fuqian Huang <huangfq.daxian@gmail.com>
> ---
>  drivers/atm/idt77252.c | 2 --
>  1 file changed, 2 deletions(-)

<formletter>

This is not the correct way to submit patches for inclusion in the
stable kernel tree.  Please read:
    https://www.kernel.org/doc/html/latest/process/stable-kernel-rules.html
for how to do this properly.

</formletter>

Patch

diff --git a/drivers/atm/idt77252.c b/drivers/atm/idt77252.c
index 47f3c4a..76e7736 100644
--- a/drivers/atm/idt77252.c
+++ b/drivers/atm/idt77252.c
@@ -3743,8 +3743,6 @@  static int __init idt77252_init(void)
 {
 	struct sk_buff *skb;
 
-	printk("%s: at %p\n", __func__, idt77252_init);
-
 	if (sizeof(skb->cb) < sizeof(struct atm_skb_data) +
 			      sizeof(struct idt77252_skb_prv)) {
 		printk(KERN_ERR "%s: skb->cb is too small (%lu < %lu)\n",