Please sign in to comment.
When zero'ing out a buffer, make sure we are using right size. Without this change, in the worst but unlikely case scenario, certain administrative operations, including change of configuration, set or delete key from a GEOM ELI provider, may leave potentially sensitive information in buffer allocated from kernel memory. We believe that it is not possible to actively exploit these issues, nor does it impact the security of normal usage of GEOM ELI providers when these operations are not performed after system boot. Security: possible sensitive information disclosure Submitted by: Clement Lecigne <clecigne google com> Approved by: re (glebius)
- Loading branch information...