lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20170719053551.GB26030@nazgul.tnic>
Date:   Wed, 19 Jul 2017 07:35:51 +0200
From:   Borislav Petkov <bp@...en8.de>
To:     shuwang@...hat.com
Cc:     tglx@...utronix.de, mingo@...hat.com, hpa@...or.com,
        x86@...nel.org, linux-kernel@...r.kernel.org, liwang@...hat.com,
        chuhu@...hat.com
Subject: Re: [PATCH] x86/microcode/AMD: fix memleak in update_cache()

On Wed, Jul 19, 2017 at 12:21:23PM +0800, shuwang@...hat.com wrote:
> From: Shu Wang <shuwang@...hat.com>
> 
> Found this issue by kmemleak. The mem is allocated in
> verify_and_add_patch(), passed to update_cache(patch),
> and just dropped the reference without free
> if (p->patch_id >= new_patch->patch_id)
>     return;
> 
> unreferenced object 0xffff88010e780b40 (size 32):
>   comm "bash", pid 860, jiffies 4294690939 (age 29.297s)
>   backtrace:
>     [<ffffffff8176166a>] kmemleak_alloc+0x4a/0xa0
>     [<ffffffff8121801a>] kmem_cache_alloc_trace+0xca/0x1d0
>     [<ffffffff81050d60>] load_microcode_amd.isra.0+0x1d0/0x400
>     [<ffffffff81051053>] request_microcode_amd+0xc3/0x160
>     [<ffffffff8104eef1>] reload_store+0xe1/0x170
>     [<ffffffff814dd228>] dev_attr_store+0x18/0x30
>     [<ffffffff812ce8ca>] sysfs_kf_write+0x3a/0x50
>     [<ffffffff812ce38f>] kernfs_fop_write+0xff/0x180
>     [<ffffffff81242307>] __vfs_write+0x37/0x170
>     [<ffffffff81243892>] vfs_write+0xb2/0x1b0
>     [<ffffffff81244ec5>] SyS_write+0x55/0xc0
>     [<ffffffff81003857>] do_syscall_64+0x67/0x150
>     [<ffffffff8176d3e7>] return_from_SYSCALL_64+0x0/0x6a
>     [<ffffffffffffffff>] 0xffffffffffffffff
> 
> (gdb) list *0xffffffff81050d60
> 0xffffffff81050d60 is in load_microcode_amd
>               (arch/x86/kernel/cpu/microcode/amd.c:616).
> 
> Signed-off-by: Shu Wang <shuwang@...hat.com>
> ---
>  arch/x86/kernel/cpu/microcode/amd.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)

Applied, thanks.

-- 
Regards/Gruss,
    Boris.

ECO tip #101: Trim your mails when you reply.
--

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ