lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 25 Jan 2017 20:57:57 -0500 From: riel@...hat.com To: linux-kernel@...r.kernel.org Cc: mingo@...nel.org, luto@...nel.org, yu-cheng.yu@...el.com, dave.hansen@...ux.intel.com, bp@...e.de Subject: [PATCH 0/2] x86/fpu: copyout_from_xsaves & copyin_to_xsaves fixes There are two issues with copyout_from_xsaves and copyin_to_xsaves. The first is a simple bounds checking issue, where the code could potentially clobber memory outside of a userspace buffer before it stops copying data. The second is more subtle. SSE and YMM XRSTOR depend on two fields inside the legacy FP area. However, if xfeatures XFEATURE_MASK_FP is clear, those fields do not get copied around at all. Fix that. Thanks to Dave Hansen for helping track down that second bug.
Powered by blists - more mailing lists