On Sat, Jul 07, 2018 at 04:16:33AM +0200, Jann Horn wrote:
> This read handler had a lot of custom logic and wrote outside the bounds of
> the provided buffer. This could lead to kernel and userspace memory
> corruption. Just use simple_read_from_buffer() with a stack buffer.
>
> Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
> Cc: [email protected]
> Signed-off-by: Jann Horn <[email protected]>
> ---
> NOTE: I put a "CC: stable" tag on this commit because it's a simple
> change and I don't know whether bugs in this code matter; I don't
> have any idea what the userland for this looks like.
> If it's not important, feel free to remove the tag.
Looks worthy of a stable tree inclusion, thanks. I've kept it and
queued the patch up now.
greg k-h
