From 2e775f75b52ecd963b842f4b91469f2851a6086b Mon Sep 17 00:00:00 2001
From: Sona Sarmadi <sona.sarmadi@enea.com>
Date: Mon, 8 Feb 2016 14:24:15 +0100
Subject: drivers-media: CVE-2014-1739

Fixes an information leakage in Linux kernel built with
the Multimedia support(CONFIG_MEDIA_SUPPORT).

References:
http://www.openwall.com/lists/oss-security/2014/06/15/1
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1739

Upstream patch:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=2f1831612c94ee7b1819c4a6d21b9d5efac5297c

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
---
 .../linux/files/media-CVE-2014-1739.patch          | 35 ++++++++++++++++++++++
 recipes-kernel/linux/linux-qoriq_3.12.bb           |  1 +
 2 files changed, 36 insertions(+)
 create mode 100644 recipes-kernel/linux/files/media-CVE-2014-1739.patch

diff --git a/recipes-kernel/linux/files/media-CVE-2014-1739.patch b/recipes-kernel/linux/files/media-CVE-2014-1739.patch
new file mode 100644
index 0000000..97ec3c7
--- /dev/null
+++ b/recipes-kernel/linux/files/media-CVE-2014-1739.patch
@@ -0,0 +1,35 @@
+From 2f1831612c94ee7b1819c4a6d21b9d5efac5297c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Salva=20Peir=C3=B3?= <speiro@ai2.upv.es>
+Date: Wed, 30 Apr 2014 19:48:02 +0200
+Subject: media: media-device: fix infoleak in ioctl media_enum_entities()
+
+commit e6a623460e5fc960ac3ee9f946d3106233fd28d8 upstream.
+
+This fixes CVE-2014-1739.
+
+Upstream-Status: Backport
+
+Signed-off-by: Salva Peiró <speiro@ai2.upv.es>
+Acked-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
+Signed-off-by: Mauro Carvalho Chehab <m.chehab@samsung.com>
+Signed-off-by: Jiri Slaby <jslaby@suse.cz>
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ drivers/media/media-device.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/drivers/media/media-device.c b/drivers/media/media-device.c
+index d5a7a13..703560f 100644
+--- a/drivers/media/media-device.c
++++ b/drivers/media/media-device.c
+@@ -93,6 +93,7 @@ static long media_device_enum_entities(struct media_device *mdev,
+ 	struct media_entity *ent;
+ 	struct media_entity_desc u_ent;
+ 
++	memset(&u_ent, 0, sizeof(u_ent));
+ 	if (copy_from_user(&u_ent.id, &uent->id, sizeof(u_ent.id)))
+ 		return -EFAULT;
+ 
+-- 
+cgit v0.11.2
+
diff --git a/recipes-kernel/linux/linux-qoriq_3.12.bb b/recipes-kernel/linux/linux-qoriq_3.12.bb
index e033320..262a6c8 100644
--- a/recipes-kernel/linux/linux-qoriq_3.12.bb
+++ b/recipes-kernel/linux/linux-qoriq_3.12.bb
@@ -34,6 +34,7 @@ SRC_URI = "git://git.freescale.com/ppc/sdk/linux.git;nobranch=1 \
     file://fs-isofs-CVE-2014-9420.patch \
     file://udp-CVE-2015-5364_CVE-2015-5366.patch \
     file://net-CVE-2015-2041.patch \
+    file://media-CVE-2014-1739.patch \
 "
 SRCREV = "6619b8b55796cdf0cec04b66a71288edd3057229"
 
-- 
cgit v1.2.3-54-g00ecf