Skip to content

Commit

Permalink
xen/netfront: fix leaking data in shared pages
Browse files Browse the repository at this point in the history 
commit 307c8de upstream.

When allocating pages to be used for shared communication with the
backend always zero them, this avoids leaking unintended data present
on the pages.

This is CVE-2022-33740, part of XSA-403.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  • Loading branch information
@royger @gregkh
royger authored and gregkh committed Jul 7, 2022
1 parent cfea428 commit 728d68b
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion drivers/net/xen-netfront.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -273,7 +273,8 @@ static struct sk_buff *xennet_alloc_one_rx_buffer(struct netfront_queue *queue)
if (unlikely(!skb))
return NULL;

page = page_pool_dev_alloc_pages(queue->page_pool);
page = page_pool_alloc_pages(queue->page_pool,
GFP_ATOMIC | __GFP_NOWARN | __GFP_ZERO);
if (unlikely(!page)) {
kfree_skb(skb);
return NULL;
Expand Down

0 comments on commit 728d68b

Please sign in to comment.