lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <3457723b-826e-fbfe-be10-752241bd9224@embeddedor.com>
Date:   Tue, 7 Aug 2018 11:35:23 -0500
From:   "Gustavo A. R. Silva" <gustavo@...eddedor.com>
To:     Zhenyu Wang <zhenyuw@...ux.intel.com>
Cc:     Zhi Wang <zhi.a.wang@...el.com>,
        Jani Nikula <jani.nikula@...ux.intel.com>,
        Joonas Lahtinen <joonas.lahtinen@...ux.intel.com>,
        Rodrigo Vivi <rodrigo.vivi@...el.com>,
        David Airlie <airlied@...ux.ie>,
        intel-gfx@...ts.freedesktop.org,
        intel-gvt-dev@...ts.freedesktop.org, linux-kernel@...r.kernel.org,
        dri-devel@...ts.freedesktop.org
Subject: Re: [PATCH] drm/i915/kvmgt: Fix potential Spectre v1

Hi Zhenyu,

On 8/6/18 9:26 PM, Zhenyu Wang wrote:
> On 2018.08.02 22:40:19 -0500, Gustavo A. R. Silva wrote:
>> info.index can be indirectly controlled by user-space, hence leading
>> to a potential exploitation of the Spectre variant 1 vulnerability.
>>
>> This issue was detected with the help of Smatch:
>>
>> drivers/gpu/drm/i915/gvt/kvmgt.c:1232 intel_vgpu_ioctl() warn:
>> potential spectre issue 'vgpu->vdev.region' [r]
>>
>> Fix this by sanitizing info.index before indirectly using it to index
>> vgpu->vdev.region
> 
> Thanks for catching this! Applied.
> 

Glad to help. :)

Thanks
--
Gustavo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ