mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-08-21 08:19:28 +00:00
Code Issues Releases Wiki Activity
linux-stable/drivers
History
Dave Airlie b9f0aee833 drm: stop information leak of old kernel stack. 
non-critical issue, CVE-2010-2803

Userspace controls the amount of memory to be allocate, so it can
get the ioctl to allocate more memory than the kernel uses, and get
access to kernel stack. This can only be done for processes authenticated
to the X server for DRI access, and if the user has DRI access.

Fix is to just memset the data to 0 if the user doesn't copy into
it in the first place.

Reported-by: Kees Cook <kees@ubuntu.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2010-08-17 14:51:45 +10:00
..
accessibility
acpi Merge branch 'bugzilla-16396' into release 2010-07-24 23:26:22 -04:00
amba
ata ata_generic: implement ATA_GEN_* flags and force enable DMA on MBP 7,1 2010-07-01 15:34:48 -04:00
atm
auxdisplay
base Driver-core: Always create class directories for classses that support namespaces. 2010-07-26 08:05:31 -07:00
block cciss: set SCSI max cmd len to 16, as default is wrong 2010-06-15 08:12:34 +02:00
bluetooth drivers: bluetooth: bluecard_cs.c: Fixed include error, changed to linux/io.h 2010-07-01 21:28:14 -07:00
cdrom
char agp: intel-agp: do not use PCI resources before pci_enable_device() 2010-08-05 12:28:25 +10:00
clocksource Andres has moved 2010-07-20 16:25:41 -07:00
connector
cpufreq [CPUFREQ] fix memory leak in cpufreq_add_dev 2010-07-26 15:25:33 -04:00
cpuidle sched: Cure nr_iowait_cpu() users 2010-07-01 09:39:48 +02:00
crypto crypto: talitos - fix bug in sg_copy_end_to_buffer 2010-07-19 14:11:24 +08:00
dca
dio
dma of/dma: fix build breakage in ppc4xx adma driver 2010-07-02 15:46:17 -06:00
edac edac: mpc85xx: fix coldplug/hotplug module autoloading 2010-07-27 14:32:06 -07:00
eisa
firewire firewire: core: check for 1394a compliant IRM, fix inaccessibility of Sony camcorder 2010-06-02 19:48:13 +02:00
firmware
gpio gpio: fix spurious printk when freeing a gpio 2010-07-27 14:32:07 -07:00
gpu drm: stop information leak of old kernel stack. 2010-08-17 14:51:45 +10:00
hid HID: Send Report ID when numbered reports are sent over the control endpoint. 2010-07-11 23:13:15 +02:00
hwmon hwmon: (coretemp) Properly label the sensors 2010-07-09 16:22:51 +02:00
i2c Merge branch 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging 2010-07-11 13:35:34 -07:00
ide powerpc/macio: Fix probing of macio devices by using the right of match table 2010-06-02 17:50:38 +10:00
idle
ieee1394
ieee802154
infiniband IB/qib: Use request_firmware() to load SD7220 firmware 2010-07-08 13:27:05 -07:00
input Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2010-07-22 11:46:15 -07:00
isdn ISDN: hysdn, fix potential NULL dereference 2010-06-26 22:12:02 -07:00
leds i2c: Remove all i2c_set_clientdata(client, NULL) in drivers 2010-06-03 11:33:58 +02:00
lguest
macintosh Merge branch 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc 2010-06-03 15:46:37 -07:00
mca
md md/raid5: don't include 'spare' drives when reshaping to fewer devices. 2010-06-24 13:36:04 +10:00
media V4L/DVB: v4l: mem2mem_testdev: fix g_fmt NULL pointer dereference 2010-07-08 16:50:24 -03:00
memstick
message
mfd i2c: Remove all i2c_set_clientdata(client, NULL) in drivers 2010-06-03 11:33:58 +02:00
misc Andres has moved 2010-07-20 16:25:41 -07:00
mmc ARM: Fix Versatile/Realview/VExpress MMC card detection sense 2010-07-30 23:16:32 +01:00
mtd Merge git://git.infradead.org/~dwmw2/mtd-2.6.35 2010-06-07 17:10:06 -07:00
net Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2010-07-27 09:21:00 -07:00
nubus
of
oprofile
parisc
parport
pci PCI: fall back to original BIOS BAR addresses 2010-07-16 11:39:48 -07:00
pcmcia Merge master.kernel.org:/home/rmk/linux-2.6-arm 2010-07-26 08:20:38 -07:00
platform intel_scu_ipc: Oops/crash fixes 2010-07-19 13:17:37 -07:00
pnp
power Merge git://git.infradead.org/users/cbou/battery-2.6.35 2010-07-27 09:22:55 -07:00
pps
ps3
rapidio rapidio: fix new kernel-doc warnings 2010-05-30 09:02:47 -07:00
regulator regulator: tps6507x: allow driver to use DEFDCDC{2,3}_HIGH register 2010-07-28 15:09:26 +01:00
rtc drivers/rtc/rtc-rx8581.c: fix setdatetime 2010-07-27 14:32:06 -07:00
s390 Merge git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-rc-fixes-2.6 2010-07-28 20:00:42 -07:00
sbus drivers/sbus: Remove unnecessary casts of private_data 2010-07-12 21:16:04 -07:00
scsi [SCSI] ibmvscsi: Fix oops when an interrupt is pending during probe 2010-07-27 11:53:23 -05:00
serial serial: fix rs485 for atmel_serial on avr32 2010-07-26 11:59:31 -07:00
sfi SFI: do not return freed pointer 2010-06-01 12:04:35 -04:00
sh sh: Make intc messages consistent via pr_fmt. 2010-06-02 18:10:00 +09:00
sn
spi powerpc/cpm: Reintroduce global spi_pram struct (fixes build issue) 2010-07-11 11:03:22 -05:00
ssb
staging Merge git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging-2.6 2010-06-30 15:45:59 -07:00
tc
telephony
thermal
uio
usb Merge git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb-2.6 2010-07-26 13:06:39 -07:00
uwb
vhost Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2010-07-20 16:26:42 -07:00
video Merge master.kernel.org:/home/rmk/linux-2.6-arm 2010-07-30 19:02:51 -07:00
virtio virtio: fix oops on OOM 2010-07-26 08:05:31 -07:00
vlynq
w1
watchdog watchdog: at32ap700x_wdt: register misc device last in probe() function 2010-06-17 09:56:57 +00:00
xen xen: avoid allocation causing potential swap activity on the resume path 2010-06-03 09:34:45 +01:00
zorro
Kconfig
Makefile