From: Fuqian Huang huangfq.daxian@gmail.com
commit c0a68944b036ee4856658c6a5c2c4cc030a1c587 upstream
Outputting kernel addresses will reveal the locations of kernel code and data. And there is no need to print the address of function idt77252_init in idt77252_init. This case is similar to CVE-2018-7273[1]. Just remove the print statement.
[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7273
Cc: Stable@vger.kernel.org # v4.14.x Signed-off-by: Fuqian Huang huangfq.daxian@gmail.com --- drivers/atm/idt77252.c | 2 -- 1 file changed, 2 deletions(-)
diff --git a/drivers/atm/idt77252.c b/drivers/atm/idt77252.c index 47f3c4a..76e7736 100644 --- a/drivers/atm/idt77252.c +++ b/drivers/atm/idt77252.c @@ -3743,8 +3743,6 @@ static int __init idt77252_init(void) { struct sk_buff *skb;
- printk("%s: at %p\n", __func__, idt77252_init); - if (sizeof(skb->cb) < sizeof(struct atm_skb_data) + sizeof(struct idt77252_skb_prv)) { printk(KERN_ERR "%s: skb->cb is too small (%lu < %lu)\n", -- 2.11.0
On Tue, Apr 16, 2019 at 08:37:17PM +0800, Fuqian Huang wrote:
From: Fuqian Huang huangfq.daxian@gmail.com
commit c0a68944b036ee4856658c6a5c2c4cc030a1c587 upstream
I do not see that git commit id in Linus's tree, are you sure it is there?
And your email seems to be messing up the cc: line, please fix that up.
thanks,
greg k-h
uh, it seems that i misunderstood the manual. If i just submit a patch to fix a bug in 4.14 which not exists in upstream, need i add a commit-id line to the mail body? It is ok that I remove the commitid line and resend the patch? Sorry about that. This my first patch submit to stable tree.
Greg KH gregkh@linuxfoundation.org 於 2019年4月16日週二 下午8:57寫道:
On Tue, Apr 16, 2019 at 08:37:17PM +0800, Fuqian Huang wrote:
From: Fuqian Huang huangfq.daxian@gmail.com
commit c0a68944b036ee4856658c6a5c2c4cc030a1c587 upstream
I do not see that git commit id in Linus's tree, are you sure it is there?
And your email seems to be messing up the cc: line, please fix that up.
thanks,
greg k-h
On Tue, Apr 16, 2019 at 10:27:51PM +0800, Fuqian Huang wrote:
uh, it seems that i misunderstood the manual. If i just submit a patch to fix a bug in 4.14 which not exists in upstream, need i add a commit-id line to the mail body?
You need to explain in great detail _why_ the commit is not needed in Linus's tree for me to be able to accept the patch.
It is ok that I remove the commitid line and resend the patch?
Yes please, and add lots of text to the changelog area explaining why this is only needed in this one specific kernel tree.
thanks,
greg k-h
linux-stable-mirror@lists.linaro.org
-
Fuqian Huang -
Greg KH