Skip to content

Commit

Permalink
xen/netfront: fix leaking data in shared pages
Browse files Browse the repository at this point in the history 
commit 307c8de upstream.

When allocating pages to be used for shared communication with the
backend always zero them, this avoids leaking unintended data present
on the pages.

This is CVE-2022-33740, part of XSA-403.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  • Loading branch information
Roger Pau Monne authored and Greg Kroah-Hartman committed Jul 7, 2022
1 parent 62b5d18 commit 6d98cf6
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion drivers/net/xen-netfront.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -273,7 +273,8 @@ static struct sk_buff *xennet_alloc_one_rx_buffer(struct netfront_queue *queue)
if (unlikely(!skb))
return NULL;

page = page_pool_dev_alloc_pages(queue->page_pool);
page = page_pool_alloc_pages(queue->page_pool,
GFP_ATOMIC | __GFP_NOWARN | __GFP_ZERO);
if (unlikely(!page)) {
kfree_skb(skb);
return NULL;
Expand Down

0 comments on commit 6d98cf6

Please sign in to comment.