[CVE-2011-1160] char/tpm: Fix unitialized usage of data buffer

Andy Whitcroft apw at canonical.com
Wed Jul 27 15:20:22 UTC 2011

	This patch fixes information leakage to the userspace by
	initializing the data buffer to zero.

The fix for this CVE has lucid and later via mainline and stable
updates.  Following this email are two patches, one for hardy, and one
for lucid/fsl-imx51 and maverick/ti-omap4.  The first is a simple
backport of the mainline fix, the second a cherry-pick.

Proposing for hardy, lucid/fsl-imx51, and maverick/ti-omap4.


More information about the kernel-team mailing list