armbian/linux-rockchip
0
0
Fork 0
mirror of https://github.com/armbian/linux-rockchip.git synced 2026-01-06 11:08:10 -08:00
Code Issues Packages Projects Releases Wiki Activity

UPSTREAM: HID: core: zero-initialize the report buffer

Browse Source 
Since the report buffer is used by all kinds of drivers in various ways, let's
zero-initialize it during allocation to make sure that it can't be ever used
to leak kernel memory via specially-crafted report.

CVE-2024-50302

Change-Id: I949eb045a8e7fdc0be118d2899d9d957395067f1
Fixes: 27ce405039 ("HID: fix data access in implement()")
Reported-by: Benoît Sevens <bsevens@google.com>
Acked-by: Benjamin Tissoires <bentiss@kernel.org>
Signed-off-by: Jiri Kosina <jkosina@suse.com>
Signed-off-by: Tao Huang <huangtao@rock-chips.com>
(cherry picked from commit 177f25d1292c7e16e1199b39c85480f7f8815552)
This commit is contained in:
Jiri Kosina
2024-10-29 15:44:35 +01:00
committed by Tao Huang
parent 41fe643f8c
commit f8c680bb5e
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
drivers/hid/hid-core.c
View File

@@ -1878,7 +1878,7 @@ u8 *hid_alloc_report_buf(struct hid_report *report, gfp_t flags)
u32 len = hid_report_len(report) + 7;
return kmalloc(len, flags);
return kzalloc(len, flags);
}
EXPORT_SYMBOL_GPL(hid_alloc_report_buf);