RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah() - wireguard-linux

diff options

author	Jason Gunthorpe <jgg@nvidia.com>	2026-02-16 11:02:49 -0400
committer	Leon Romanovsky <leon@kernel.org>	2026-02-24 05:03:15 -0500
commit	74586c6da9ea222a61c98394f2fc0a604748438c (patch)
tree	82f9e7c80ca06b8c8371725e20ba97dd67b53a17 /include/linux/bcma/ssh:/git@git.zx2c4.com
parent	IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq() (diff)

RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah()

struct irdma_create_ah_resp { // 8 bytes, no padding __u32 ah_id; // offset 0 - SET (uresp.ah_id = ah->sc_ah.ah_info.ah_idx) __u8 rsvd[4]; // offset 4 - NEVER SET <- LEAK }; rsvd[4]: 4 bytes of stack memory leaked unconditionally. Only ah_id is assigned before ib_respond_udata(). The reserved members of the structure were not zeroed. Cc: stable@vger.kernel.org Fixes: b48c24c2d710 ("RDMA/irdma: Implement device supported verb APIs") Signed-off-by: Jason Gunthorpe <jgg@nvidia.com> Link: https://patch.msgid.link/3-v1-83e918d69e73+a9-rdma_udata_rc_jgg@nvidia.com Signed-off-by: Leon Romanovsky <leon@kernel.org>

Diffstat (limited to 'include/linux/bcma/ssh:/git@git.zx2c4.com')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: