drivers/gmjstcm: import CVE-2011-1160 CVE-2011-1162 fixes to tcm.c
kylin inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I7TEYD

--------------------------------

https://gitee.com/openeuler/kernel/issues/I7TEYD reports 2 bugs in the gmjstcm driver, reported as CVEs in the kernel tpm driver.

[Vulnerability information]
There may be information leakage vulnerabilities in the tcm_read function and tcm_open function in drivers/staging/gmjstcm/tcm.c.

The tcm_read function did not set this memory to 0 after calling the copy_to_user function, causing the user to read the information in the last tcm instruction.

The tcm_open function does not set the memory block to 0 when allocating memory (kmalloc), which may lead to information leakage vulnerabilities.

Here are the two fixes for TPM:
1. CVE-2011-1160 commit 1309d7af ("char/tpm: Fix unitialized usage of data buffer")
2. CVE-2011-1162 commit 3321c07a ("TPM: Zero buffer after copying to userspace")

Import 2 fixes from tpm.c to tcm.c.

Signed-off-by: Li ZhiGang <lizhigang@kylinos.cn>
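
The two leaks described in the commit message, as a userspace C model. This is an added example, not code from tcm.c or from the patch. The struct and function names, the buffer size, the 0xAA fill standing in for un-zeroed kmalloc memory, and the device reporting more pending bytes than it wrote are all assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BUFSZ 32    /* constructed size, not the driver's */
#define STALE 0xAA  /* stands in for leftover heap bytes after kmalloc */

struct chan { unsigned char *buf; size_t pending; int hardened; };

/* open: plain path models kmalloc (stale contents), hardened models kzalloc */
static int chan_open(struct chan *c, int hardened) {
    c->buf = malloc(BUFSZ);
    if (!c->buf) return -1;
    memset(c->buf, hardened ? 0 : STALE, BUFSZ);
    c->pending = 0; c->hardened = hardened;
    return 0;
}

/* device writes resp_len bytes but reports `reported` bytes pending (assumed) */
static void chan_transmit(struct chan *c, const void *resp, size_t resp_len, size_t reported) {
    memcpy(c->buf, resp, resp_len);
    c->pending = reported > BUFSZ ? BUFSZ : reported;
}

/* read: copy pending bytes out; hardened path zeroes the buffer afterwards */
static size_t chan_read(struct chan *c, unsigned char *out, size_t size) {
    size_t n = c->pending < size ? c->pending : size;
    memcpy(out, c->buf, n);                 /* copy_to_user in the kernel */
    if (c->hardened) memset(c->buf, 0, n);  /* the zero-after-copy fix */
    c->pending = 0;
    return n;
}

/* Returns how many non-zero bytes follow the 2-byte "OK" reply in one read.
 * prior=1 runs an earlier command with a constructed secret response first. */
static size_t run(int hardened, int prior) {
    struct chan c; unsigned char out[BUFSZ]; size_t n, k = 0;
    if (chan_open(&c, hardened)) return (size_t)-1;
    if (prior) {
        chan_transmit(&c, "SECRETKEY0123456", 16, 16);
        chan_read(&c, out, sizeof out);
    }
    chan_transmit(&c, "OK", 2, 16);
    n = chan_read(&c, out, sizeof out);
    for (size_t i = 2; i < n; i++) k += out[i] != 0;
    free(c.buf);
    return k;
}

int main(void) { printf("plain: %zu %zu  hardened: %zu %zu\n", run(0, 0), run(0, 1), run(1, 0), run(1, 1)); return 0; }
```

In the plain model the 14 bytes after "OK" come from stale allocation contents when no command ran before, and from the previous response when one did; with both zeroing steps in place the same reads return only zeros there.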