lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 22 Dec 2017 19:34:16 +1100 From: Herbert Xu <herbert@...dor.apana.org.au> To: Eric Biggers <ebiggers3@...il.com> Cc: linux-crypto@...r.kernel.org, Martin Willi <martin@...ongswan.org>, Steffen Klassert <steffen.klassert@...unet.com>, linux-kernel@...r.kernel.org, syzkaller-bugs@...glegroups.com, davem@...emloft.net, Eric Biggers <ebiggers@...gle.com>, stable@...r.kernel.org Subject: Re: [PATCH] crypto: chacha20poly1305 - validate the digest size On Mon, Dec 11, 2017 at 12:15:17PM -0800, Eric Biggers wrote: > From: Eric Biggers <ebiggers@...gle.com> > > If the rfc7539 template was instantiated with a hash algorithm with > digest size larger than 16 bytes (POLY1305_DIGEST_SIZE), then the digest > overran the 'tag' buffer in 'struct chachapoly_req_ctx', corrupting the > subsequent memory, including 'cryptlen'. This caused a crash during > crypto_skcipher_decrypt(). > > Fix it by, when instantiating the template, requiring that the > underlying hash algorithm has the digest size expected for Poly1305. > > Reproducer: > > #include <linux/if_alg.h> > #include <sys/socket.h> > #include <unistd.h> > > int main() > { > int algfd, reqfd; > struct sockaddr_alg addr = { > .salg_type = "aead", > .salg_name = "rfc7539(chacha20,sha256)", > }; > unsigned char buf[32] = { 0 }; > > algfd = socket(AF_ALG, SOCK_SEQPACKET, 0); > bind(algfd, (void *)&addr, sizeof(addr)); > setsockopt(algfd, SOL_ALG, ALG_SET_KEY, buf, sizeof(buf)); > reqfd = accept(algfd, 0, 0); > write(reqfd, buf, 16); > read(reqfd, buf, 16); > } > > Reported-by: syzbot <syzkaller@...glegroups.com> > Fixes: 71ebc4d1b27d ("crypto: chacha20poly1305 - Add a ChaCha20-Poly1305 AEAD construction, RFC7539") > Cc: <stable@...r.kernel.org> # v4.2+ > Signed-off-by: Eric Biggers <ebiggers@...gle.com> Patch applied. Thanks. -- Email: Herbert Xu <herbert@...dor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Powered by blists - more mailing lists