On Tue, Nov 07, 2017 at 03:09:24PM +0100, Arnd Bergmann wrote:
> There was a typo in the new version of put_tv32() that caused
> uninitialized stack data to be written back to user space, rather
> than writing the actual timeval for the emulation of
> gettimeofday(), wait4(), usleep_thread() and old_adjtimex().
> 
> This fixes it to write the correct data again.

*blink*

the bug is real, all right, and the fix is the correct one, but where
do you get an infoleak?  What it is is a user-triggerable oops -
just pass it an unmapped address.  For anything mapped r/w it's
simply a no-op - userland data is unchanged.

IOW, the fix is correct, but the commit message isn't - it's

"user-triggerable oops and in all cases failed to modify userland timeval32"

not

"uninitialized stack data to be written back to user space"
