USB: usbfs: don't leak kernel data in siginfo
authorAlan Stern <stern@rowland.harvard.edu>
Fri, 13 Feb 2015 15:54:53 +0000 (10:54 -0500)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Tue, 24 Feb 2015 16:38:46 +0000 (08:38 -0800)
commitf0c2b68198589249afd2b1f2c4e8de8c03e19c16
tree719882a5c2ab4ada82240fff4ffe0df6debe98eb
parent27082e2654dc148078b0abdfc3c8e5ccbde0ebfa
USB: usbfs: don't leak kernel data in siginfo

When a signal is delivered, the information in the siginfo structure
is copied to userspace.  Good security practice dicatates that the
unused fields in this structure should be initialized to 0 so that
random kernel stack data isn't exposed to the user.  This patch adds
such an initialization to the two places where usbfs raises signals.

Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Reported-by: Dave Mielke <dave@mielke.cc>
CC: <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/usb/core/devio.c