perf_counter: Fix buffer overflow in perf_copy_attr()
If we pass a big size data over perf_counter_open() syscall, the kernel will copy this data to a small buffer, it will cause kernel crash. This bug makes the kernel unsafe and non-root local user can trigger it. Signed-off-by: NXiao Guangrong <xiaoguangrong@cn.fujitsu.com> Acked-by: NPeter Zijlstra <peterz@infradead.org> Acked-by: NPaul Mackerras <paulus@samba.org> Cc: <stable@kernel.org> LKML-Reference: <4AAF37D4.5010706@cn.fujitsu.com> Signed-off-by: NIngo Molnar <mingo@elte.hu>
Showing
想要评论请 注册 或 登录