path: root/retired/CVE-2018-20449
blob: 9f0f8b5326192da5594efd48f6c67c7f9c7b7555
Description: information leak by reading "callback=" lines in a debugfs file
References:
 https://lists.debian.org/debian-security-tracker/2019/01/msg00029.html
Notes:
 carnil> Not very convinced about the report as it was only thrown in
 carnil> earlier this year on the debian security-tracker mailing list.
 carnil> Was it reported upstream? hidma_dbg.c introduced with
 carnil> 570d0176296f0d17c4b5ab206ad4a4bc027b863b in 4.7-rc1.
 carnil> Issue mitigated with commit
 carnil> ad67b74d2469d9b82aaa572d76474c95bc484d57 ("printk: hash
 carnil> addresses printed with %p").
 bwh> I consider hashing pointers to be a complete fix.  Additionally
 bwh> debugfs is only accessible to root by default.
Bugs:
upstream: released (4.15-rc2) [ad67b74d2469d9b82aaa572d76474c95bc484d57]
4.19-upstream-stable: N/A "Fixed before branch point"
4.9-upstream-stable: ignored "Minor issue"
3.16-upstream-stable: N/A "Vulnerable code introduced later"
sid: released (4.15.4-1)
4.9-stretch-security: ignored "Minor issue"
3.16-jessie-security: N/A "Vulnerable code introduced later"
