ACK: [SRU][Mantic][PATCH 0/1] CVE-2023-50431
Andrei Gherzan
andrei.gherzan at canonical.com
Wed Feb 7 10:18:40 UTC 2024
On 24/02/06 03:30PM, Bethany Jamison wrote:
> [Impact]
>
> sec_attest_info in drivers/accel/habanalabs/common/habanalabs_ioctl.c in
> the Linux kernel through 6.6.5 allows an information leak to user space
> because info->pad0 is not initialized.
>
> [Fix]
>
> Clean cherry-pick.
>
> [Test Case]
>
> Compile and boot tested.
>
> [Regression Potential]
>
> Issues could occur when setting hl_info_sec_attest struct.
>
> Xingyuan Mo (1):
> accel/habanalabs: fix information leak in sec_attest_info()
>
> drivers/accel/habanalabs/common/habanalabs_ioctl.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
Acked-by: Andrei Gherzan <andrei.gherzan at canonical.com>
--
Andrei Gherzan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20240207/00fea9f3/attachment.sig>
More information about the kernel-team
mailing list