lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 20 May 2019 16:00:07 +0200 From: Greg KH <gregkh@...uxfoundation.org> To: Pavel Machek <pavel@...x.de> Cc: stable@...nel.org, kernel list <linux-kernel@...r.kernel.org>, gustavo@...eddedor.com, davem@...emloft.net Subject: Re: net: atm: Spectre v1 fix introduced bug in bcb964012d1b in -stable On Mon, May 20, 2019 at 02:40:14PM +0200, Pavel Machek wrote: > > In lecd_attach, if arg is < 0, it was treated as 0. Spectre v1 fix > changed that. Bug does not exist in mainline AFAICT. > > Signed-off-by: Pavel Machek <pavel@...x.de> > # for 4.19.y > > diff --git a/net/atm/lec.c b/net/atm/lec.c > index ad4f829193f0..ed279cd912f4 100644 > --- a/net/atm/lec.c > +++ b/net/atm/lec.c > @@ -731,7 +731,7 @@ static int lecd_attach(struct atm_vcc *vcc, int arg) > i = arg; > if (arg >= MAX_LEC_ITF) > return -EINVAL; > - i = array_index_nospec(arg, MAX_LEC_ITF); > + i = array_index_nospec(i, MAX_LEC_ITF); > if (!dev_lec[i]) { > int size; > Why is this only for 4.19.y? What is different in Linus's tree that makes this not needed there? thanks, greg k-h
Powered by blists - more mailing lists