USB: usbfs: don't leak kernel data in siginfo
authorAlan Stern <stern@rowland.harvard.edu>
Fri, 13 Feb 2015 15:54:53 +0000 (10:54 -0500)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 18 Mar 2015 12:22:30 +0000 (13:22 +0100)
commit92677959bdadb8f7dd2809c5eedc4cd8ca8aeee2
treee8a288a730e8ed7d9f43e67ae5ba79220052b207
parente256bf1483582a189a5bd58437b704f15fb9b06c
USB: usbfs: don't leak kernel data in siginfo

commit f0c2b68198589249afd2b1f2c4e8de8c03e19c16 upstream.

When a signal is delivered, the information in the siginfo structure
is copied to userspace.  Good security practice dicatates that the
unused fields in this structure should be initialized to 0 so that
random kernel stack data isn't exposed to the user.  This patch adds
such an initialization to the two places where usbfs raises signals.

Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Reported-by: Dave Mielke <dave@mielke.cc>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/usb/core/devio.c