* [PATCH 4.14] scsi:be2iscsi: Fix a kernel address leakage in be_main.c
@ 2019-04-16 7:06 Fuqian Huang
2019-04-16 8:57 ` Greg KH
0 siblings, 1 reply; 2+ messages in thread
From: Fuqian Huang @ 2019-04-16 7:06 UTC (permalink / raw)
Cc: stable, gregkh, Fuqian Huang, Subbu Seetharaman, Ketan Mukadam,
Jitendra Bhivare, James E.J. Bottomley, Martin K. Petersen,
linux-scsi, linux-kernel
Outputting kernel addresses will reveal the locations of kernel code
and data. And there is no need to print the address of a global object
beiscsi_iscsi_transport in beiscsi_module_init.
This case is similar to CVE-2018-7273[1].
Just remove the print statement.
[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7273
Signed-off-by: Fuqian Huang <huangfq.daxian@gmail.com>
---
drivers/scsi/be2iscsi/be_main.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/drivers/scsi/be2iscsi/be_main.c b/drivers/scsi/be2iscsi/be_main.c
index b4542e7..f0dcd1f 100644
--- a/drivers/scsi/be2iscsi/be_main.c
+++ b/drivers/scsi/be2iscsi/be_main.c
@@ -5844,8 +5844,6 @@ static int __init beiscsi_module_init(void)
"beiscsi_module_init - Unable to register beiscsi transport.\n");
return -ENOMEM;
}
- printk(KERN_INFO "In beiscsi_module_init, tt=%p\n",
- &beiscsi_iscsi_transport);
ret = pci_register_driver(&beiscsi_pci_driver);
if (ret) {
--
2.11.0
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH 4.14] scsi:be2iscsi: Fix a kernel address leakage in be_main.c
2019-04-16 7:06 [PATCH 4.14] scsi:be2iscsi: Fix a kernel address leakage in be_main.c Fuqian Huang
@ 2019-04-16 8:57 ` Greg KH
0 siblings, 0 replies; 2+ messages in thread
From: Greg KH @ 2019-04-16 8:57 UTC (permalink / raw)
To: Fuqian Huang
Cc: stable, Subbu Seetharaman, Ketan Mukadam, Jitendra Bhivare,
James E.J. Bottomley, Martin K. Petersen, linux-scsi,
linux-kernel
On Tue, Apr 16, 2019 at 03:06:34PM +0800, Fuqian Huang wrote:
> Outputting kernel addresses will reveal the locations of kernel code
> and data. And there is no need to print the address of a global object
> beiscsi_iscsi_transport in beiscsi_module_init.
> This case is similar to CVE-2018-7273[1].
> Just remove the print statement.
>
> [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7273
>
> Signed-off-by: Fuqian Huang <huangfq.daxian@gmail.com>
<formletter>
This is not the correct way to submit patches for inclusion in the
stable kernel tree. Please read:
https://www.kernel.org/doc/html/latest/process/stable-kernel-rules.html
for how to do this properly.
</formletter>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2019-04-16 8:57 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-04-16 7:06 [PATCH 4.14] scsi:be2iscsi: Fix a kernel address leakage in be_main.c Fuqian Huang
2019-04-16 8:57 ` Greg KH
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).