lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <5253b448-8fd9-6426-4918-0f13becd9b3b@gnuweeb.org>
Date:   Tue, 1 Mar 2022 14:29:30 +0700
From:   Ammar Faizi <ammarfaizi2@...weeb.org>
To:     Borislav Petkov <bp@...en8.de>
Cc:     Dave Hansen <dave.hansen@...ux.intel.com>,
        "H. Peter Anvin" <hpa@...or.com>, Ingo Molnar <mingo@...hat.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Tony Luck <tony.luck@...el.com>, linux-edac@...r.kernel.org,
        linux-kernel@...r.kernel.org, gwml@...r.gnuweeb.org,
        x86@...nel.org, stable@...r.kernel.org
Subject: Re: [PATCH 0/2] Two x86 fixes

On 3/1/22 2:23 PM, Ammar Faizi wrote:
> [PATCH 1/2] x86/delay: Fix the wrong asm constraint in `delay_loop()`
> 
> @bp is a local variable, calling mce_threshold_remove_device() when
> threshold_create_bank() fails will not free the @bp. Note that
> mce_threshold_remove_device() frees the @bp only if it's already
> stored in the @threshold_banks per-CPU variable.
> 
> At that point, the @threshold_banks per-CPU variable is still NULL,
> so the mce_threshold_remove_device() will just be a no-op and the
> @bp is leaked.
> 
> Fix this by calling kfree() and early returning when we fail.
> 
> This bug is introduced by commit 6458de97fc15530b544 ("x86/mce/amd:
> Straighten CPU hotplug path") [1].
> 
> Link: https://lore.kernel.org/all/20200403161943.1458-6-bp@alien8.de [1]

Uhh... Wrong cover letter... Sorry... Re-sending now...

-- 
Ammar Faizi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ