| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20191030090819.27b8c169@cakuba.hsd1.ca.comcast.net>
Date: Wed, 30 Oct 2019 09:08:19 -0700
From: Jakub Kicinski <jakub.kicinski@...ronome.com>
To: Eric Biggers <ebiggers@...nel.org>
Cc: John Fastabend <john.fastabend@...il.com>,
Daniel Borkmann <daniel@...earbox.net>, davem@...emloft.net,
glider@...gle.com, herbert@...dor.apana.org.au,
linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
syzkaller-bugs@...glegroups.com,
syzbot <syzbot+9e3b178624a8a2f8fa28@...kaller.appspotmail.com>
Subject: Re: [net/tls] Re: KMSAN: uninit-value in aes_encrypt (2)
On Thu, 24 Oct 2019 10:23:53 -0700, Eric Biggers wrote:
> [+TLS maintainers]
>
> This is a net/tls bug, and probably a duplicate of:
>
> KMSAN: uninit-value in gf128mul_4k_lle (3)
> https://lkml.kernel.org/linux-crypto/000000000000bf2457057b5ccda3@google.com/T/#u
>
> KMSAN: uninit-value in aesti_encrypt
> https://lkml.kernel.org/linux-crypto/000000000000a97a15058c50c52e@google.com/T/#u
>
> See analysis from Alexander Potapenko here which shows that uninitialized memory
> is being passed from TLS subsystem into crypto subsystem:
>
> https://lkml.kernel.org/linux-crypto/CAG_fn=UGCoDk04tL2vB981JmXgo6+-RUPmrTa3dSsK5UbZaTjA@mail.gmail.com/
>
> That was a year ago, with C reproducer, and I've sent several reminders for this
> already. What's the ETA on a fix? Or is TLS subsystem de facto unmaintained?
Re: maintainers it may actually be that the bug is so old the people
who pay attention weren't in the MAINTAINERS yet ;) That'd explain why
Alexander didn't CC us.
Fix posted now:
net/tls: fix sk_msg trim on fallback to copy mode
🤞
Powered by blists - more mailing lists