[Devel] [PATCH RHEL7 COMMIT] ve/kmod: fix out-of-bounds access in call_modprobe()
Konstantin Khorenko
khorenko at virtuozzo.com
Mon Aug 31 06:15:30 PDT 2015
The commit is pushed to "branch-rh7-3.10.0-229.7.2-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-229.7.2.vz7.6.4
------>
commit e2164f15d2f004ce076da3aa925b681bd8cde8d8
Author: Andrey Ryabinin <aryabinin at odin.com>
Date: Mon Aug 31 17:15:30 2015 +0400
ve/kmod: fix out-of-bounds access in call_modprobe()
Commit 18f83b2460e2 ("ve/kmod: Port autoloading from CT") extended
argv array for one more element, however it wasn't extended
on allocation site.
https://jira.sw.ru/browse/PSBM-38666
Fixes: 18f83b2460e2 ("ve/kmod: Port autoloading from CT")
Signed-off-by: Andrey Ryabinin <aryabinin at odin.com>
Cc: Konstantin Khorenko <khorenko at virtuozzo.com>
Signed-off-by: Andrey Ryabinin <aryabinin at odin.com>
Acked-by: Kirill Tkhai <ktkhai at odin.com>
---
kernel/kmod.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/kmod.c b/kernel/kmod.c
index e0554f8..aa5cb99 100644
--- a/kernel/kmod.c
+++ b/kernel/kmod.c
@@ -91,7 +91,7 @@ static int call_modprobe(char *module_name, int wait, int blacklist)
NULL
};
- char **argv = kmalloc(sizeof(char *[5]), GFP_KERNEL);
+ char **argv = kmalloc(sizeof(char *[6]), GFP_KERNEL);
if (!argv)
goto out;
More information about the Devel
mailing list