lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 25 May 2020 11:52:43 +1000
From:   Daniel Axtens <dja@...ens.net>
To:     Salvatore Bonaccorso <carnil@...ian.org>,
        David Rientjes <rientjes@...gle.com>
Cc:     linux-kernel@...r.kernel.org, viro@...iv.linux.org.uk,
        ajd@...ux.ibm.com, mpe@...erman.id.au,
        syzbot+1e925b4b836afe85a1c6@...kaller-ppc64.appspotmail.com,
        syzbot+587b2421926808309d21@...kaller-ppc64.appspotmail.com,
        syzbot+58320b7171734bf79d26@...kaller.appspotmail.com,
        syzbot+d6074fb08bdb2e010520@...kaller.appspotmail.com,
        Guenter Roeck <linux@...ck-us.net>
Subject: Re: [PATCH v2] relay: handle alloc_percpu returning NULL in relay_open

>> > Check if alloc_percpu returns NULL.
>> > 
>> > This was found by syzkaller both on x86 and powerpc, and the reproducer
>> > it found on powerpc is capable of hitting the issue as an unprivileged
>> > user.
>> > 
>> > Fixes: 017c59c042d0 ("relay: Use per CPU constructs for the relay channel buffer pointers")
>> > Reported-by: syzbot+1e925b4b836afe85a1c6@...kaller-ppc64.appspotmail.com
>> > Reported-by: syzbot+587b2421926808309d21@...kaller-ppc64.appspotmail.com
>> > Reported-by: syzbot+58320b7171734bf79d26@...kaller.appspotmail.com
>> > Reported-by: syzbot+d6074fb08bdb2e010520@...kaller.appspotmail.com
>> > Cc: Akash Goel <akash.goel@...el.com>
>> > Cc: Andrew Donnellan <ajd@...ux.ibm.com> # syzkaller-ppc64
>> > Reviewed-by: Michael Ellerman <mpe@...erman.id.au>
>> > Reviewed-by: Andrew Donnellan <ajd@...ux.ibm.com>
>> > Cc: stable@...r.kernel.org # v4.10+
>> > Signed-off-by: Daniel Axtens <dja@...ens.net>
>> 
>> Acked-by: David Rientjes <rientjes@...gle.com>
>
> It looks this one was never applied (which relates to CVE-2019-19462,
> as pointed by Guenter in 20191223163610.GA32267@...ck-us.net).
>
> Whas this lost or are there any issues pending?

I'm not aware of any pending issues.

(But, if anyone does have any objections I'm happy to revise the patch.)

Regards,
Daniel

Powered by blists - more mailing lists