UBUNTU: SAUCE: KEYS: ensure xbuf is large enough to fix buffer overflow in...

UBUNTU: SAUCE: KEYS: ensure xbuf is large enough to fix buffer overflow in proc_keys_show (LP: #1634496) BugLink: http://bugs.launchpad.net/bugs/1634496 CVE-2016-7042 When stack protect is enabled xbuf is too small for timeout data causing a buffer overflow and a stack protector corruption report. OriginalAuthor: Vladis Dronov <vdronov@redhat.com> OriginalLocation: https://bugzilla.redhat.com/attachment.cgi?id=1200212&action=diffSigned-off-by: Colin Ian King <colin.king@canonical.com> Acked-by: Tim Gardner <tim.gardner@canonical.com> Signed-off-by: Seth Forshee <seth.forshee@canonical.com>

UBUNTU: SAUCE: KEYS: ensure xbuf is large enough to fix buffer overflow in...
UBUNTU: SAUCE: KEYS: ensure xbuf is large enough to fix buffer overflow in proc_keys_show (LP: #1634496) BugLink: http://bugs.launchpad.net/bugs/1634496 CVE-2016-7042 When stack protect is enabled xbuf is too small for timeout data causing a buffer overflow and a stack protector corruption report. OriginalAuthor: Vladis Dronov <vdronov@redhat.com> OriginalLocation: https://bugzilla.redhat.com/attachment.cgi?id=1200212&action=diffSigned-off-by: Colin Ian King <colin.king@canonical.com> Acked-by: Tim Gardner <tim.gardner@canonical.com> Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
a23a1fb0 · Colin Ian King · Seth Forshee · df69860a · a23a1fb0
Commit a23a1fb0 authored Oct 18, 2016 by Colin Ian King Committed by Seth Forshee Oct 20, 2016
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

security/keys/proc.c security/keys/proc.c +1 -1

No files found.
--- a/security/keys/proc.c
+++ b/security/keys/proc.c
@@ -181,7 +181,7 @@ static int proc_keys_show(struct seq_file *m, void *v)
 	struct timespec now;
 	unsigned long timo;
 	key_ref_t key_ref, skey_ref;
-	char xbuf[12];
+	char xbuf[16];
 	int rc;

 	struct keyring_search_context ctx = {