| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 15 Apr 2021 16:47:22 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-kernel@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
stable@...r.kernel.org,
syzbot+ac5c11d2959a8b3c4806@...kaller.appspotmail.com,
Alexander Aring <aahringo@...hat.com>,
Stefan Schmidt <stefan@...enfreihafen.org>
Subject: [PATCH 4.4 28/38] net: ieee802154: fix nl802154 del llsec key
From: Alexander Aring <aahringo@...hat.com>
commit 37feaaf5ceb2245e474369312bb7b922ce7bce69 upstream.
This patch fixes a nullpointer dereference if NL802154_ATTR_SEC_KEY is
not set by the user. If this is the case nl802154 will return -EINVAL.
Reported-by: syzbot+ac5c11d2959a8b3c4806@...kaller.appspotmail.com
Signed-off-by: Alexander Aring <aahringo@...hat.com>
Link: https://lore.kernel.org/r/20210221174321.14210-1-aahringo@redhat.com
Signed-off-by: Stefan Schmidt <stefan@...enfreihafen.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
---
net/ieee802154/nl802154.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- a/net/ieee802154/nl802154.c
+++ b/net/ieee802154/nl802154.c
@@ -1577,7 +1577,8 @@ static int nl802154_del_llsec_key(struct
struct nlattr *attrs[NL802154_KEY_ATTR_MAX + 1];
struct ieee802154_llsec_key_id id;
- if (nla_parse_nested(attrs, NL802154_KEY_ATTR_MAX,
+ if (!info->attrs[NL802154_ATTR_SEC_KEY] ||
+ nla_parse_nested(attrs, NL802154_KEY_ATTR_MAX,
info->attrs[NL802154_ATTR_SEC_KEY],
nl802154_key_policy))
return -EINVAL;
Powered by blists - more mailing lists