lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <87bkt8ladp.wl-tiwai@suse.de>
Date:   Fri, 29 Jul 2022 08:07:46 +0200
From:   Takashi Iwai <tiwai@...e.de>
To:     Dipanjan Das <mail.dipanjan.das@...il.com>
Cc:     Greg KH <gregkh@...uxfoundation.org>, perex@...ex.cz,
        tiwai@...e.com, consult.awy@...il.com, alsa-devel@...a-project.org,
        linux-kernel@...r.kernel.org, syzkaller@...glegroups.com,
        fleischermarius@...glemail.com, its.priyanka.bose@...il.com
Subject: Re: KASAN: vmalloc-out-of-bounds Write in snd_pcm_hw_params

On Fri, 29 Jul 2022 01:24:12 +0200,
Dipanjan Das wrote:
> 
> On Tue, Jul 26, 2022 at 10:25 PM Takashi Iwai <tiwai@...e.de> wrote:
> >
> > Thanks for the analysis.  A good news is that, at least for the
> > vmalloc() case, it's a kind of false-positive; vmalloc() always takes
> > the full pages, so practically seen, the size is page-aligned.  It's
> > fooling the memory checker, though.
> >
> > But the similar problem could be seen with genalloc calls, and this
> > was fixed by the upstream commit
> > 5c1733e33c888a3cb7f576564d8ad543d5ad4a9e
> >     ALSA: memalloc: Align buffer allocations in page size
> >
> > I suppose you can simply backport this commit to 5.10.y.  Could you
> > confirm that this fixes your problem?
> 
> We confirm that the patch you proposed fixes the problem (blocks the
> reproducer). How do we proceed with getting the issue fixed? Do we
> send a patch according to the steps detailed here:
> https://www.kernel.org/doc/html/latest/process/stable-kernel-rules.html?

Don't worry, Greg already picked up the fix commit :)


thanks,

Takashi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ