| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3457723b-826e-fbfe-be10-752241bd9224@embeddedor.com>
Date: Tue, 7 Aug 2018 11:35:23 -0500
From: "Gustavo A. R. Silva" <gustavo@...eddedor.com>
To: Zhenyu Wang <zhenyuw@...ux.intel.com>
Cc: Zhi Wang <zhi.a.wang@...el.com>,
Jani Nikula <jani.nikula@...ux.intel.com>,
Joonas Lahtinen <joonas.lahtinen@...ux.intel.com>,
Rodrigo Vivi <rodrigo.vivi@...el.com>,
David Airlie <airlied@...ux.ie>,
intel-gfx@...ts.freedesktop.org,
intel-gvt-dev@...ts.freedesktop.org, linux-kernel@...r.kernel.org,
dri-devel@...ts.freedesktop.org
Subject: Re: [PATCH] drm/i915/kvmgt: Fix potential Spectre v1
Hi Zhenyu,
On 8/6/18 9:26 PM, Zhenyu Wang wrote:
> On 2018.08.02 22:40:19 -0500, Gustavo A. R. Silva wrote:
>> info.index can be indirectly controlled by user-space, hence leading
>> to a potential exploitation of the Spectre variant 1 vulnerability.
>>
>> This issue was detected with the help of Smatch:
>>
>> drivers/gpu/drm/i915/gvt/kvmgt.c:1232 intel_vgpu_ioctl() warn:
>> potential spectre issue 'vgpu->vdev.region' [r]
>>
>> Fix this by sanitizing info.index before indirectly using it to index
>> vgpu->vdev.region
>
> Thanks for catching this! Applied.
>
Glad to help. :)
Thanks
--
Gustavo
Powered by blists - more mailing lists