| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 8 Jan 2020 11:47:55 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: Pavel Machek <pavel@...x.de>
Cc: linux-kernel@...r.kernel.org, stable@...r.kernel.org,
Daniel Vetter <daniel.vetter@...el.com>,
syzbot+fb77e97ebf0612ee6914@...kaller.appspotmail.com,
Kees Cook <keescook@...omium.org>,
Alexander Viro <viro@...iv.linux.org.uk>,
Stephen Rothwell <sfr@...b.auug.org.au>,
Andrew Morton <akpm@...ux-foundation.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Sasha Levin <sashal@...nel.org>
Subject: Re: [PATCH 4.19 040/115] drm: limit to INT_MAX in create_blob ioctl
On Wed, Jan 08, 2020 at 09:11:48AM +0100, Pavel Machek wrote:
> On Tue 2020-01-07 21:54:10, Greg Kroah-Hartman wrote:
> > From: Daniel Vetter <daniel.vetter@...ll.ch>
> >
> > [ Upstream commit 5bf8bec3f4ce044a223c40cbce92590d938f0e9c ]
> >
> > The hardened usercpy code is too paranoid ever since commit 6a30afa8c1fb
> > ("uaccess: disallow > INT_MAX copy sizes")
>
> > Code itself should have been fine as-is.
> >
> > Link: http://lkml.kernel.org/r/20191106164755.31478-1-daniel.vetter@ffwll.ch
> > Signed-off-by: Daniel Vetter <daniel.vetter@...el.com>
> > Reported-by: syzbot+fb77e97ebf0612ee6914@...kaller.appspotmail.com
> > Fixes: 6a30afa8c1fb ("uaccess: disallow > INT_MAX copy sizes")
>
> There is no such thing as commit 6a30afa8c1fb. Apparently this is
> talking about commit "6d13de1489b6bf539695f96d945de3860e6d5e17", but
> that one is not in 4.19-stable.
>
> Do we need this in 4.19-stable?
Yes.
Powered by blists - more mailing lists