splice: missing user pointer access verification (CVE-2008-0009/10) (cece280a) · Commits · linux-arm / linux-sh

Commit cece280a authored Feb 08, 2008 by Jens Axboe Committed by Greg Kroah-Hartman Feb 08, 2008

splice: missing user pointer access verification (CVE-2008-0009/10)



patch 8811930d in mainline.

vmsplice_to_user() must always check the user pointer and length
with access_ok() before copying. Likewise, for the slow path of
copy_from_user_mmap_sem() we need to check that we may read from
the user region.

Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
Cc: Wojciech Purczynski <cliph@research.coseinc.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

parent 1dcde874

Hide whitespace changes

Inline Side-by-side

Please register or to comment