[Midnightbsd-cvs] src [12218] stable/1.1: Due to insufficient initialization of memory copied to userland in the
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Wed Jul 24 18:55:45 EDT 2019
Revision: 12218
http://svnweb.midnightbsd.org/src/?rev=12218
Author: laffer1
Date: 2019-07-24 18:55:45 -0400 (Wed, 24 Jul 2019)
Log Message:
-----------
Due to insufficient initialization of memory copied to userland in the
components listed above small amounts of kernel memory may be disclosed
to userland processes.
Modified Paths:
--------------
stable/1.1/UPDATING
stable/1.1/sys/compat/freebsd32/freebsd32_ioctl.c
Modified: stable/1.1/UPDATING
===================================================================
--- stable/1.1/UPDATING 2019-07-24 22:55:10 UTC (rev 12217)
+++ stable/1.1/UPDATING 2019-07-24 22:55:45 UTC (rev 12218)
@@ -7,6 +7,10 @@
posix_openpt(2) fails to undo the configuration which causes SIGIO to be
raised. This bug can lead to a write-after-free of kernel memory.
+ Due to insufficient initialization of memory copied to userland in the
+ components listed above small amounts of kernel memory may be disclosed
+ to userland processes.
+
20190223:
Update mport package tool with version from CURRENT. Supports
origin lookups with /usr/libexec/mport.query now, required for latest
Modified: stable/1.1/sys/compat/freebsd32/freebsd32_ioctl.c
===================================================================
--- stable/1.1/sys/compat/freebsd32/freebsd32_ioctl.c 2019-07-24 22:55:10 UTC (rev 12217)
+++ stable/1.1/sys/compat/freebsd32/freebsd32_ioctl.c 2019-07-24 22:55:45 UTC (rev 12218)
@@ -263,6 +263,8 @@
vm_offset_t addr;
int error;
+ memset(&pmc, 0, sizeof(pmc));
+ memset(&pc32, 0, sizeof(pc32));
if ((error = copyin(uap->data, &pci32, sizeof(pci32))) != 0)
return (error);
More information about the Midnightbsd-cvs
mailing list