iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2f2d0088eb
linux/tools
History
Shuah Khan 2f2d0088eb usbip: prevent vhci_hcd driver from leaking a socket pointer address 
When a client has a USB device attached over IP, the vhci_hcd driver is
locally leaking a socket pointer address via the

/sys/devices/platform/vhci_hcd/status file (world-readable) and in debug
output when "usbip --debug port" is run.

Fix it to not leak. The socket pointer address is not used at the moment
and it was made visible as a convenient way to find IP address from socket
pointer address by looking up /proc/net/{tcp,tcp6}.

As this opens a security hole, the fix replaces socket pointer address with
sockfd.

Reported-by: Secunia Research <vuln@secunia.com>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-12-08 17:32:23 +01:00
..
accounting License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
arch Merge branch 'linus' into locking/core, to resolve conflicts 2017-11-07 10:32:44 +01:00
bpf tools: bpftool: declare phony targets as such 2017-11-30 02:09:29 +01:00
build License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
cgroup License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
firewire License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
gpio This is the bulk of GPIO changes for the v4.15 kernel cycle: 2017-11-14 17:23:44 -08:00
hv License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
iio License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
include bpftool: revert printing program device bound info 2017-11-21 00:37:35 +01:00
kvm/kvm_stat First batch of KVM changes for 4.15 2017-11-16 13:00:24 -08:00
laptop License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
leds License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
lib tools/lib/traceevent/parse-filter.c: clean up clang build warning 2017-11-17 16:10:02 -08:00
nfsd License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
objtool tools/headers: Sync objtool UAPI header 2017-11-14 07:26:17 +01:00
pci License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
pcmcia License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
perf Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux 2017-11-17 14:23:52 -08:00
power Power management fixes for v4.15-rc2 2017-11-30 18:45:55 -05:00
scripts kbuild: /bin/pwd -> pwd 2017-11-18 11:32:27 +09:00
spi License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
testing Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf 2017-12-03 13:08:30 -05:00
thermal/tmon Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux 2017-11-17 14:31:27 -08:00
time
usb usbip: prevent vhci_hcd driver from leaking a socket pointer address 2017-12-08 17:32:23 +01:00
virtio locking/x86: Use LOCK ADD for smp_mb() instead of MFENCE 2017-11-10 13:43:44 +01:00
vm tools: slabinfo: add "-U" option to show unreclaimable slabs only 2017-11-15 18:21:01 -08:00
wmi tools/wmi: add a sample for dell smbios communication over WMI 2017-11-03 16:34:00 -07:00
Makefile platform-drivers-x86 for v4.15-1 2017-11-18 10:26:57 -08:00