From: Greg Kroah-Hartman Date: Wed, 16 Dec 2020 13:23:24 +0000 (+0100) Subject: 5.10-stable patches X-Git-Tag: v5.4.85~19 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d5e269f5768f636f11880f8edef5270cb4a38fcb;p=thirdparty%2Fkernel%2Fstable-queue.git 5.10-stable patches added patches: ptrace-prevent-kernel-infoleak-in-ptrace_get_syscall_info.patch --- diff --git a/queue-5.10/ptrace-prevent-kernel-infoleak-in-ptrace_get_syscall_info.patch b/queue-5.10/ptrace-prevent-kernel-infoleak-in-ptrace_get_syscall_info.patch new file mode 100644 index 00000000000..79fd26d3bfd --- /dev/null +++ b/queue-5.10/ptrace-prevent-kernel-infoleak-in-ptrace_get_syscall_info.patch @@ -0,0 +1,39 @@ +From 0032ce0f85a269a006e91277be5fdbc05fad8426 Mon Sep 17 00:00:00 2001 +From: Peilin Ye +Date: Sat, 1 Aug 2020 11:20:44 -0400 +Subject: ptrace: Prevent kernel-infoleak in ptrace_get_syscall_info() + +From: Peilin Ye + +commit 0032ce0f85a269a006e91277be5fdbc05fad8426 upstream. + +ptrace_get_syscall_info() is potentially copying uninitialized stack +memory to userspace, since the compiler may leave a 3-byte hole near the +beginning of `info`. Fix it by adding a padding field to `struct +ptrace_syscall_info`. + +Fixes: 201766a20e30 ("ptrace: add PTRACE_GET_SYSCALL_INFO request") +Suggested-by: Dan Carpenter +Signed-off-by: Peilin Ye +Reviewed-by: Dmitry V. Levin +Cc: stable@vger.kernel.org +Link: https://lore.kernel.org/r/20200801152044.230416-1-yepeilin.cs@gmail.com +Signed-off-by: Christian Brauner +Signed-off-by: Greg Kroah-Hartman + +--- + include/uapi/linux/ptrace.h | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/include/uapi/linux/ptrace.h ++++ b/include/uapi/linux/ptrace.h +@@ -81,7 +81,8 @@ struct seccomp_metadata { + + struct ptrace_syscall_info { + __u8 op; /* PTRACE_SYSCALL_INFO_* */ +- __u32 arch __attribute__((__aligned__(sizeof(__u32)))); ++ __u8 pad[3]; ++ __u32 arch; + __u64 instruction_pointer; + __u64 stack_pointer; + union {
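Review bot: the new `__u8 pad[3];` in `struct ptrace_syscall_info` has no comment saying it is reserved and must be zero, and nothing in this hunk shows that it is ever cleared. Giving the 3-byte hole a name only stops the leak described in the commit message if the `info` object in ptrace_get_syscall_info() is built with an initializer (or memset) that zeroes every named member, so that is worth confirming at the declaration site, and a short comment on `pad` would keep later edits from reusing or dropping it. Separately, removing `__attribute__((__aligned__(sizeof(__u32))))` from `arch` means its offset of 4 now follows from `op` plus `pad[3]` rather than from an explicit attribute; because this is a UAPI header, a build-time assertion on the offset of `arch` and on the overall struct size would pin the layout that userspace already depends on.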