averello/linux-stable-mirror
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2026-04-03 12:05:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
9f036aa0fe46c19e938f03d10e02c23f4fffae5e
linux-stable-mirror/drivers/input/misc
History
Zhen Ni 48c96b7e9e Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak 
commit d3366a0477 upstream.

Struct ff_effect_compat is embedded twice inside
uinput_ff_upload_compat, contains internal padding. In particular, there
is a hole after struct ff_replay to satisfy alignment requirements for
the following union member. Without clearing the structure,
copy_to_user() may leak stack data to userspace.

Initialize ff_up_compat to zero before filling valid fields.

Fixes: 2d56f3a32c ("Input: refactor evdev 32bit compat to be shareable with uinput")
Cc: stable@vger.kernel.org
Signed-off-by: Zhen Ni <zhen.ni@easystack.cn>
Link: https://lore.kernel.org/r/20250928063737.74590-1-zhen.ni@easystack.cn
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2025-10-15 12:00:24 +02:00
..
88pm80x_onkey.c
88pm860x_onkey.c
88pm886-onkey.c
ab8500-ponkey.c
ad714x-i2c.c
ad714x-spi.c
ad714x.c
ad714x.h
adxl34x-i2c.c
adxl34x-spi.c
adxl34x.c
adxl34x.h
apanel.c
ariel-pwrbutton.c
arizona-haptics.c
atc260x-onkey.c
ati_remote2.c
atlas_btns.c
atmel_captouch.c
axp20x-pek.c
bma150.c
cm109.c
cma3000_d0x_i2c.c
cma3000_d0x.c
cma3000_d0x.h
cobalt_btns.c
cpcap-pwrbutton.c
cs40l50-vibra.c
Input: cs40l50-vibra - fix potential NULL dereference in cs40l50_upload_owt()
2025-07-10 16:04:43 +02:00
da7280.c
da9052_onkey.c
da9055_onkey.c
da9063_onkey.c
drv260x.c
drv2665.c
drv2667.c
e3x0-button.c
gpio_decoder.c
gpio-beeper.c
gpio-vibra.c
hisi_powerkey.c
hp_sdc_rtc.c
ibm-panel.c
ideapad_slidebar.c
ims-pcu.c
iqs269a.c
iqs626a.c
iqs7222.c
Input: iqs7222 - avoid enabling unused interrupts
2025-09-19 16:35:48 +02:00
Kconfig
keyspan_remote.c
kxtj9.c
m68kspkr.c
Makefile
max8925_onkey.c
max8997_haptic.c
max77650-onkey.c
max77693-haptic.c
mc13783-pwrbutton.c
mma8450.c
nxp-bbnsm-pwrkey.c
palmas-pwrbutton.c
pcap_keys.c
pcf8574_keypad.c
pcf50633-input.c
pcspkr.c
pm8xxx-vibrator.c
pm8941-pwrkey.c
pmic8xxx-pwrkey.c
powermate.c
pwm-beeper.c
pwm-vibra.c
rave-sp-pwrbutton.c
rb532_button.c
regulator-haptic.c
retu-pwrbutton.c
rk805-pwrkey.c
rotary_encoder.c
rt5120-pwrkey.c
sc27xx-vibra.c
sgi_btns.c
soc_button_array.c
sparcspkr.c
Input: sparcspkr - avoid unannotated fall-through
2025-06-27 11:11:39 +01:00
stpmic1_onkey.c
tps65218-pwrbutton.c
tps65219-pwrbutton.c
twl4030-pwrbutton.c
twl4030-vibra.c
twl6040-vibra.c
uinput.c
Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak
2025-10-15 12:00:24 +02:00
wistron_btns.c
wm831x-on.c
xen-kbdfront.c
yealink.c
yealink.h