| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 3 Sep 2021 15:55:42 +0200
From: Greg KH <gregkh@...uxfoundation.org>
To: Dongliang Mu <mudongliangabcd@...il.com>
Cc: stable@...r.kernel.org,
Bartlomiej Zolnierkiewicz <b.zolnierkie@...sung.com>,
George Kennedy <george.kennedy@...cle.com>,
syzbot+e5fd3e65515b48c02a30@...kaller.appspotmail.com,
Dan Carpenter <dan.carpenter@...cle.com>,
Dhaval Giani <dhaval.giani@...cle.com>,
Sasha Levin <sashal@...nel.org>,
dri-devel@...ts.freedesktop.org, linux-fbdev@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 4.19] fbmem: add margin check to fb_check_caps()
On Thu, Sep 02, 2021 at 02:10:48PM +0800, Dongliang Mu wrote:
> [ Upstream commit a49145acfb975d921464b84fe00279f99827d816 ]
>
> A fb_ioctl() FBIOPUT_VSCREENINFO call with invalid xres setting
> or yres setting in struct fb_var_screeninfo will result in a
> KASAN: vmalloc-out-of-bounds failure in bitfill_aligned() as
> the margins are being cleared. The margins are cleared in
> chunks and if the xres setting or yres setting is a value of
> zero upto the chunk size, the failure will occur.
>
> Add a margin check to validate xres and yres settings.
>
> Note that, this patch needs special handling to backport it to linux
> kernel 4.19, 4.14, 4.9, 4.4.
Looks like this is already in the 4.4.283, 4.9.282, 4.14.246, and
4.19.206 kernel releases. Can you check them to verify that it matches
your backport as well?
thanks,
greg k-h
Powered by blists - more mailing lists