Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
28 lines (18 sloc) 835 Bytes

[Suggested description] The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "software IO TLB" printk call.

[Affected Product Code Base] linux kernel - >=v2.6.29-rc1

[Affected Component] [source code file] /lib/swiotlb.c function: swiotlb_print_info

[Attack Vectors] dmesg | grep "software IO TLB" //we can get a kernel obj address 1.258466] software IO TLB [mem 0x7a0c3000-0x7e0c3000] (64MB) mapped at [ffff938cba0c3000-ffff938cbe0c2fff]

[Discoverer] ADLab of VenusTech