| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <64aedb51-b0b4-d412-b5ad-67d50f12ad8b@huaweicloud.com>
Date: Sun, 9 Oct 2022 11:34:22 +0800
From: Xu Kuohai <xukuohai@...weicloud.com>
To: Stefan Wahren <stefan.wahren@...e.com>,
linux-kernel@...r.kernel.org, linux-clk@...r.kernel.org,
linux-rpi-kernel@...ts.infradead.org,
linux-arm-kernel@...ts.infradead.org
Cc: Michael Turquette <mturquette@...libre.com>,
Stephen Boyd <sboyd@...nel.org>,
Florian Fainelli <f.fainelli@...il.com>,
Broadcom internal kernel review list
<bcm-kernel-feedback-list@...adcom.com>,
Maxime Ripard <maxime@...no.tech>,
Christophe JAILLET <christophe.jaillet@...adoo.fr>,
Xu Kuohai <xukuohai@...wei.com>
Subject: Re: [PATCH] clk: bcm: rpi: Fix an out-of-bound access to
raspberrypi_clk_variants
On 10/9/2022 1:07 AM, Stefan Wahren wrote:
> Hi Xu,
>
> Am 08.10.22 um 16:45 schrieb Xu Kuohai:
>> From: Xu Kuohai <xukuohai@...wei.com>
>>
>> KASAN reports an out-of-bound access to raspberrypi_clk_variants[]:
>>
>> ==================================================================
>> BUG: KASAN: global-out-of-bounds in raspberrypi_clk_probe+0x1dc/0x690
>> Read of size 1 at addr ffffcc7116d615a0 by task kworker/u8:0/8
>>
>> CPU: 1 PID: 8 Comm: kworker/u8:0 Not tainted 6.0.0-rc3-00900-g08f4df4a3c53 raspberrypi#10
>
> this kernel is a little bit older and doesn't contain bc163555603e ("clk: bcm: rpi: Prevent out-of-bounds access").
>
> Can you please check Linux 6.0?
>
Yes, the kernel branch I used was not updated, and the KASAN warning was gone after switching to 6.0 kernel, thanks.
> Best regards
>
Powered by blists - more mailing lists