mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-10-01 01:35:54 -04:00
34 lines
1.1 KiB
Diff
34 lines
1.1 KiB
Diff
From e6a623460e5fc960ac3ee9f946d3106233fd28d8 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Salva=20Peir=C3=B3?= <speiro@ai2.upv.es>
|
|
Date: Wed, 30 Apr 2014 19:48:02 +0200
|
|
Subject: [media] media-device: fix infoleak in ioctl media_enum_entities()
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
This fixes CVE-2014-1739.
|
|
|
|
Signed-off-by: Salva Peiró <speiro@ai2.upv.es>
|
|
Acked-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
|
|
Cc: stable@vger.kernel.org
|
|
Signed-off-by: Mauro Carvalho Chehab <m.chehab@samsung.com>
|
|
---
|
|
drivers/media/media-device.c | 1 +
|
|
1 file changed, 1 insertion(+)
|
|
|
|
diff --git a/drivers/media/media-device.c b/drivers/media/media-device.c
|
|
index d5a7a13..703560f 100644
|
|
--- a/drivers/media/media-device.c
|
|
+++ b/drivers/media/media-device.c
|
|
@@ -93,6 +93,7 @@ static long media_device_enum_entities(struct media_device *mdev,
|
|
struct media_entity *ent;
|
|
struct media_entity_desc u_ent;
|
|
|
|
+ memset(&u_ent, 0, sizeof(u_ent));
|
|
if (copy_from_user(&u_ent.id, &uent->id, sizeof(u_ent.id)))
|
|
return -EFAULT;
|
|
|
|
--
|
|
cgit v1.1
|
|
|