android-wear-6.0.1_r0.61 - kernel/msm

tag	6a4ed053ee80ce08fa18b3378475042a2609320e
tagger	The Android Open Source Project <initial-contribution@android.com>	Mon Sep 12 10:02:03 2016 -0700
object	f3e198c66b7712d57dca0b7c2a34905f79f84a1c

Android Wear 6.0.1 Release 0.61

commit	f3e198c66b7712d57dca0b7c2a34905f79f84a1c	[log] [tgz]
author	steven_syu <steven_syu@asus.com>	Wed Aug 17 17:02:20 2016 +0800
committer	Carol_Jiang <carol_jiang@asus.com>	Wed Aug 17 17:32:13 2016 +0800
tree	91d20cf91924da404ae5c1c0386ca01919f73785
parent	eb5b2036f4f7c329cbb8039b882251a40e1f03fd [diff]

robin: security: patch for CVE-2016-4482

Subject: [PATCH] USB: usbfs: fix potential infoleak in devio

The stack object "ci" has a total size of 8 bytes. Its last 3 bytes
are padding bytes which are not initialized and leaked to userland
via "copy_to_user".

Change-Id: I0e72b4f00bf253d472bfce2660e5370de99d0018
Reviewed-on: http://mcrd1-22-pc.corpnet.asus/code-review/master/249847
Reviewed-by: Steven Syu <steven_syu@asus.com>
Tested-by: Steven Syu <steven_syu@asus.com>
Reviewed-by: Carol_Jiang <carol_jiang@asus.com>

drivers/usb/core/devio.c[diff]

1 file changed

tree: 91d20cf91924da404ae5c1c0386ca01919f73785