[ACK] [CVE-2011-1160] char/tpm: Fix unitialized usage of data buffer

Stefan Bader stefan.bader at canonical.com
Wed Jul 27 15:36:30 UTC 2011

On 27.07.2011 17:20, Andy Whitcroft wrote:
> CVE-2011-1160
> 	This patch fixes information leakage to the userspace by
> 	initializing the data buffer to zero.
> The fix for this CVE has lucid and later via mainline and stable
> updates.  Following this email are two patches, one for hardy, and one
> for lucid/fsl-imx51 and maverick/ti-omap4.  The first is a simple
> backport of the mainline fix, the second a cherry-pick.
> Proposing for hardy, lucid/fsl-imx51, and maverick/ti-omap4.
> -apw
Straight forward...

Acked-by: Stefan Bader <stefan.bader at canonical.com>

More information about the kernel-team mailing list