lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20170126015759.25871-1-riel@redhat.com>
Date:   Wed, 25 Jan 2017 20:57:57 -0500
From:   riel@...hat.com
To:     linux-kernel@...r.kernel.org
Cc:     mingo@...nel.org, luto@...nel.org, yu-cheng.yu@...el.com,
        dave.hansen@...ux.intel.com, bp@...e.de
Subject: [PATCH 0/2] x86/fpu: copyout_from_xsaves & copyin_to_xsaves fixes

There are two issues with copyout_from_xsaves and copyin_to_xsaves.

The first is a simple bounds checking issue, where the code could
potentially clobber memory outside of a userspace buffer before it
stops copying data.

The second is more subtle. SSE and YMM XRSTOR depend on two fields
inside the legacy FP area. However, if xfeatures XFEATURE_MASK_FP is
clear, those fields do not get copied around at all. Fix that.

Thanks to Dave Hansen for helping track down that second bug.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ