stable.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH 4.14] scsi:be2iscsi: Fix a kernel address leakage in be_main.c
@ 2019-04-16  7:06 Fuqian Huang
  2019-04-16  8:57 ` Greg KH
  0 siblings, 1 reply; 2+ messages in thread
From: Fuqian Huang @ 2019-04-16  7:06 UTC (permalink / raw)
  Cc: stable, gregkh, Fuqian Huang, Subbu Seetharaman, Ketan Mukadam,
	Jitendra Bhivare, James E.J. Bottomley, Martin K. Petersen,
	linux-scsi, linux-kernel

Outputting kernel addresses will reveal the locations of kernel code
and data. And there is no need to print the address of a global object 
beiscsi_iscsi_transport in beiscsi_module_init.
This case is similar to CVE-2018-7273[1].
Just remove the print statement.

[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7273

Signed-off-by: Fuqian Huang <huangfq.daxian@gmail.com>
---
 drivers/scsi/be2iscsi/be_main.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/drivers/scsi/be2iscsi/be_main.c b/drivers/scsi/be2iscsi/be_main.c
index b4542e7..f0dcd1f 100644
--- a/drivers/scsi/be2iscsi/be_main.c
+++ b/drivers/scsi/be2iscsi/be_main.c
@@ -5844,8 +5844,6 @@ static int __init beiscsi_module_init(void)
 		       "beiscsi_module_init - Unable to  register beiscsi transport.\n");
 		return -ENOMEM;
 	}
-	printk(KERN_INFO "In beiscsi_module_init, tt=%p\n",
-	       &beiscsi_iscsi_transport);
 
 	ret = pci_register_driver(&beiscsi_pci_driver);
 	if (ret) {
-- 
2.11.0


^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [PATCH 4.14] scsi:be2iscsi: Fix a kernel address leakage in be_main.c
  2019-04-16  7:06 [PATCH 4.14] scsi:be2iscsi: Fix a kernel address leakage in be_main.c Fuqian Huang
@ 2019-04-16  8:57 ` Greg KH
  0 siblings, 0 replies; 2+ messages in thread
From: Greg KH @ 2019-04-16  8:57 UTC (permalink / raw)
  To: Fuqian Huang
  Cc: stable, Subbu Seetharaman, Ketan Mukadam, Jitendra Bhivare,
	James E.J. Bottomley, Martin K. Petersen, linux-scsi,
	linux-kernel

On Tue, Apr 16, 2019 at 03:06:34PM +0800, Fuqian Huang wrote:
> Outputting kernel addresses will reveal the locations of kernel code
> and data. And there is no need to print the address of a global object 
> beiscsi_iscsi_transport in beiscsi_module_init.
> This case is similar to CVE-2018-7273[1].
> Just remove the print statement.
> 
> [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7273
> 
> Signed-off-by: Fuqian Huang <huangfq.daxian@gmail.com>

<formletter>

This is not the correct way to submit patches for inclusion in the
stable kernel tree.  Please read:
    https://www.kernel.org/doc/html/latest/process/stable-kernel-rules.html
for how to do this properly.

</formletter>

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2019-04-16  8:57 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-04-16  7:06 [PATCH 4.14] scsi:be2iscsi: Fix a kernel address leakage in be_main.c Fuqian Huang
2019-04-16  8:57 ` Greg KH

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).