[Kernel-packages] [Bug 2013088] [NEW] [UBUNTU 18.04] kernel: fix __clear_user() inline assembly constraints

Tue, 28 Mar 2023 07:05:42 -0700 

Public bug reported:

Description:   kernel: fix __clear_user() inline assembly constraints

Symptom:       In case clear_user() crosses two pages and faults on the
               second page the kernel may write lowcore contents to the
               first page, instead of clearing it.

Problem:       The __clear_user() inline assembly misses earlyclobber
               constraint modifiers. Depending on compiler and compiler
               options this may lead to incorrect code which copies kernel
               lowcore contents to user space instead of clearing memory,
               in case clear_user() faults.

Solution:      Add missing earlyclobber constraint modifiers.
Preventive:    yes

Upstream-ID:   89aba4c26fae4e459f755a18912845c348ee48f3

Affected Releases:
               18.04
               20.04
               22.04
               22.10
               23.04

** Affects: linux (Ubuntu)
     Importance: Undecided
     Assignee: Skipper Bug Screeners (skipper-screen-team)
         Status: New


** Tags: architecture-s39064 bugnameltc-202103 severity-high 
targetmilestone-inin---

** Tags added: architecture-s39064 bugnameltc-202103 severity-high
targetmilestone-inin---

** Changed in: ubuntu
     Assignee: (unassigned) => Skipper Bug Screeners (skipper-screen-team)

** Package changed: ubuntu => linux (Ubuntu)

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2013088

Title:
  [UBUNTU 18.04] kernel: fix __clear_user() inline assembly constraints

Status in linux package in Ubuntu:
  New

Bug description:
  Description:   kernel: fix __clear_user() inline assembly constraints

  Symptom:       In case clear_user() crosses two pages and faults on the
                 second page the kernel may write lowcore contents to the
                 first page, instead of clearing it.

  Problem:       The __clear_user() inline assembly misses earlyclobber
                 constraint modifiers. Depending on compiler and compiler
                 options this may lead to incorrect code which copies kernel
                 lowcore contents to user space instead of clearing memory,
                 in case clear_user() faults.

  Solution:      Add missing earlyclobber constraint modifiers.
  Preventive:    yes

  Upstream-ID:   89aba4c26fae4e459f755a18912845c348ee48f3

  Affected Releases:
                 18.04
                 20.04
                 22.04
                 22.10
                 23.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2013088/+subscriptions


-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to