| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <164881081189.13357.4560664989806441504.git-patchwork-notify@kernel.org>
Date: Fri, 01 Apr 2022 11:00:11 +0000
From: patchwork-bot+netdevbpf@...nel.org
To: Ziyang Xuan <william.xuanziyang@...wei.com>
Cc: borisp@...dia.com, john.fastabend@...il.com, daniel@...earbox.net,
kuba@...nel.org, davem@...emloft.net, pabeni@...hat.com,
netdev@...r.kernel.org, vakul.garg@....com, davejwatson@...com,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH net v2] net/tls: fix slab-out-of-bounds bug in
decrypt_internal
Hello:
This patch was applied to netdev/net.git (master)
by David S. Miller <davem@...emloft.net>:
On Thu, 31 Mar 2022 15:04:28 +0800 you wrote:
> The memory size of tls_ctx->rx.iv for AES128-CCM is 12 setting in
> tls_set_sw_offload(). The return value of crypto_aead_ivsize()
> for "ccm(aes)" is 16. So memcpy() require 16 bytes from 12 bytes
> memory space will trigger slab-out-of-bounds bug as following:
>
> ==================================================================
> BUG: KASAN: slab-out-of-bounds in decrypt_internal+0x385/0xc40 [tls]
> Read of size 16 at addr ffff888114e84e60 by task tls/10911
>
> [...]
Here is the summary with links:
- [net,v2] net/tls: fix slab-out-of-bounds bug in decrypt_internal
https://git.kernel.org/netdev/net/c/9381fe8c849c
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
Powered by blists - more mailing lists