lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 5 Jan 2018 18:38:08 +1100
From:   Herbert Xu <herbert@...dor.apana.org.au>
To:     Linus Torvalds <torvalds@...ux-foundation.org>,
        "David S. Miller" <davem@...emloft.net>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Linux Crypto Mailing List <linux-crypto@...r.kernel.org>
Subject: Crypto Fixes for 4.15

Hi Linus: 

This push fixes the following issues:

- Racy use of ctx->rcvused in af_alg.
- algif_aead crash in chacha20poly1305.
- Freeing bogus pointer in pcrypt.
- Build error on MIPS in mpi.
- Memory leak in inside-secure.
- Memory overwrite in inside-secure.
- NULL pointer dereference in inside-secure.
- State corruption in inside-secure.
- Build error without CRYPTO_GF128MUL in chelsio.
- Use after free in n2.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Antoine Ténart (3):
      crypto: inside-secure - free requests even if their handling failed
      crypto: inside-secure - fix request allocations in invalidation path
      crypto: inside-secure - do not use areq->result for partial results

Arnd Bergmann (1):
      crypto: chelsio - select CRYPTO_GF128MUL

Eric Biggers (2):
      crypto: chacha20poly1305 - validate the digest size
      crypto: pcrypt - fix freeing pcrypt instances

James Hogan (1):
      lib/mpi: Fix umul_ppmm() for MIPS64r6

Jan Engelhardt (1):
      crypto: n2 - cure use after free

Jonathan Cameron (1):
      crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t

Ofer Heifetz (1):
      crypto: inside-secure - per request invalidation

 crypto/af_alg.c                                |    4 +-
 crypto/algif_aead.c                            |    2 +-
 crypto/algif_skcipher.c                        |    2 +-
 crypto/chacha20poly1305.c                      |    6 +-
 crypto/pcrypt.c                                |   19 ++---
 drivers/crypto/chelsio/Kconfig                 |    1 +
 drivers/crypto/inside-secure/safexcel.c        |    1 +
 drivers/crypto/inside-secure/safexcel_cipher.c |   85 ++++++++++++++++------
 drivers/crypto/inside-secure/safexcel_hash.c   |   89 +++++++++++++++++-------
 drivers/crypto/n2_core.c                       |    3 +
 include/crypto/if_alg.h                        |    5 +-
 lib/mpi/longlong.h                             |   18 ++++-
 12 files changed, 173 insertions(+), 62 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ