Headline
CVE-2013-6282: ARM: 7527/1: uaccess: explicitly check __user pointer when !CPU_USE_D… · torvalds/linux@8404663
The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the contents of arbitrary kernel memory locations via a crafted application, as exploited in the wild against Android devices in October and November 2013.
Commit
Permalink
Browse files
Browse the repository at this point in the history
ARM: 7527/1: uaccess: explicitly check __user pointer when !CPU_USE_D…
…OMAINS
The {get,put}_user macros don’t perform range checking on the provided __user address when !CPU_HAS_DOMAINS.
This patch reworks the out-of-line assembly accessors to check the user address against a specified limit, returning -EFAULT if is is out of range.
[will: changed get_user register allocation to match put_user] [rmk: fixed building on older ARM architectures]
Reported-by: Catalin Marinas [email protected] Signed-off-by: Will Deacon [email protected] Cc: [email protected] Signed-off-by: Russell King [email protected]
- Loading branch information