| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 12 Jan 2022 11:07:28 +0100
From: Krzysztof Kozlowski <krzysztof.kozlowski@...onical.com>
To: Jordy Zomer <jordy@...ing.systems>
Cc: davem@...emloft.net, kuba@...nel.org, linux-kernel@...r.kernel.org,
netdev@...r.kernel.org, wengjianfeng@...ong.com
Subject: Re: [PATCH v3] nfc: st-nci: Fix potential buffer overflows in
EVT_TRANSACTION
On 11/01/2022 17:45, Jordy Zomer wrote:
> It appears that there are some buffer overflows in EVT_TRANSACTION.
> This happens because the length parameters that are passed to memcpy
> come directly from skb->data and are not guarded in any way.
>
> Signed-off-by: Jordy Zomer <jordy@...ing.systems>
> ---
> drivers/nfc/st-nci/se.c | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
Looks ok.
Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski@...onical.com>
Best regards,
Krzysztof
Powered by blists - more mailing lists