lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 21 Apr 2018 00:54:55 +0800 From: Herbert Xu <herbert@...dor.apana.org.au> To: Stephan Müller <smueller@...onox.de> Cc: Dmitry Vyukov <dvyukov@...gle.com>, "Theodore Y. Ts'o" <tytso@....edu>, Matthew Wilcox <willy@...radead.org>, David Miller <davem@...emloft.net>, linux-crypto@...r.kernel.org, Eric Biggers <ebiggers3@...il.com>, syzbot <syzbot+75397ee3df5c70164154@...kaller.appspotmail.com>, linux-fsdevel <linux-fsdevel@...r.kernel.org>, LKML <linux-kernel@...r.kernel.org>, syzkaller-bugs <syzkaller-bugs@...glegroups.com>, Al Viro <viro@...iv.linux.org.uk> Subject: Re: [PATCH] crypto: drbg - set freed buffers to NULL On Thu, Apr 12, 2018 at 08:40:55AM +0200, Stephan Müller wrote: > Add the Fixes, CC stable tags. > > ---8<--- > > During freeing of the internal buffers used by the DRBG, set the pointer > to NULL. It is possible that the context with the freed buffers is > reused. In case of an error during initialization where the pointers > do not yet point to allocated memory, the NULL value prevents a double > free. > > Cc: stable@...r.kernel.org > Fixes: 3cfc3b9721123 ("crypto: drbg - use aligned buffers") > Signed-off-by: Stephan Mueller <smueller@...onox.de> > Reported-by: syzbot+75397ee3df5c70164154@...kaller.appspotmail.com Patch applied. Thanks. -- Email: Herbert Xu <herbert@...dor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Powered by blists - more mailing lists