Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
xen.481
xsa122.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File xsa122.patch of Package xen.481
References: bsc#918998 CVE-2015-2045 XSA-122 pre-fill structures for certain HYPERVISOR_xen_version sub-ops ... avoiding to pass hypervisor stack contents back to the caller through space unused by the respective strings. This is CVE-2015-2045 / XSA-122. Acked-by: Jan Beulich <jbeulich@suse.com> --- a/xen/common/kernel.c +++ b/xen/common/kernel.c @@ -233,6 +233,8 @@ DO(xen_version)(int cmd, XEN_GUEST_HANDL case XENVER_extraversion: { xen_extraversion_t extraversion; + + memset(extraversion, 0, sizeof(extraversion)); safe_strcpy(extraversion, xen_extra_version()); if ( copy_to_guest(arg, extraversion, ARRAY_SIZE(extraversion)) ) return -EFAULT; @@ -242,6 +244,8 @@ DO(xen_version)(int cmd, XEN_GUEST_HANDL case XENVER_compile_info: { struct xen_compile_info info; + + memset(&info, 0, sizeof(info)); safe_strcpy(info.compiler, xen_compiler()); safe_strcpy(info.compile_by, xen_compile_by()); safe_strcpy(info.compile_domain, xen_compile_domain()); @@ -277,6 +281,8 @@ DO(xen_version)(int cmd, XEN_GUEST_HANDL case XENVER_changeset: { xen_changeset_info_t chgset; + + memset(chgset, 0, sizeof(chgset)); safe_strcpy(chgset, xen_changeset()); if ( copy_to_guest(arg, chgset, ARRAY_SIZE(chgset)) ) return -EFAULT;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor