git.ipfire.org Git - thirdparty/kernel/linux.git/commit

xfrm_user: fix info leak in build_report()

struct xfrm_user_report is a __u8 proto field followed by a struct
xfrm_selector which means there is three "empty" bytes of padding, but
the padding is never zeroed before copying to userspace. Fix that up by
zeroing the structure before setting individual member variables.

Cc: stable <stable@kernel.org>
Cc: Steffen Klassert <steffen.klassert@secunet.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Jakub Kicinski <kuba@kernel.org>
Cc: Paolo Abeni <pabeni@redhat.com>
Cc: Simon Horman <horms@kernel.org>
Assisted-by: gregkh_clanker_t1000
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>

author	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Mon, 6 Apr 2026 15:34:22 +0000 (17:34 +0200)
committer	Steffen Klassert <steffen.klassert@secunet.com>
	Tue, 7 Apr 2026 08:36:38 +0000 (10:36 +0200)
commit	d10119968d0e1f2b669604baf2a8b5fdb72fa6b4
tree	547f11d5afd1489fd3ab513f6fe315d6927acbac	tree \| snapshot
parent	1beb76b2053b68c491b78370794b8ff63c8f8c02	commit \| diff