Return-Path: Subject: Re: [PATCH] bluetooth: hidp: fix information leak to userland From: Marcel Holtmann To: Vasiliy Kulikov Cc: kernel-janitors@vger.kernel.org, "Gustavo F. Padovan" , "David S. Miller" , Jiri Kosina , Michael Poole , Bastien Nocera , linux-bluetooth@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org In-Reply-To: <1288448791-6009-1-git-send-email-segooon@gmail.com> References: <1288448791-6009-1-git-send-email-segooon@gmail.com> Content-Type: text/plain; charset="UTF-8" Date: Tue, 02 Nov 2010 16:36:29 +0100 Message-ID: <1288712189.3322.180.camel@aeonflux> Mime-Version: 1.0 Sender: linux-bluetooth-owner@vger.kernel.org List-ID: Hi Vasiliy, > Structure hidp_conninfo is copied to userland with version, product, > vendor and name fields unitialized if both session->input and session->hid > are NULL. It leads to leaking of contents of kernel stack memory. > > Signed-off-by: Vasiliy Kulikov Acked-by: Marcel Holtmann Regards Marcel