| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <167580939268.351288.874111179458946336.b4-ty@google.com>
Date: Wed, 8 Feb 2023 02:07:02 +0000
From: Sean Christopherson <seanjc@...gle.com>
To: Sean Christopherson <seanjc@...gle.com>, kvm@...r.kernel.org,
Peter Gonda <pgonda@...gle.com>
Cc: Andy Nguyen <theflow@...gle.com>,
Thomas Lendacky <thomas.lendacky@....com>,
David Rientjes <rientjes@...gle.com>,
Paolo Bonzini <pbonzini@...hat.com>, stable@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH V2] KVM: sev: Fix potential overflow send|recieve_update_data
On Tue, 07 Feb 2023 09:13:54 -0800, Peter Gonda wrote:
> KVM_SEV_SEND_UPDATE_DATA and KVM_SEV_RECEIVE_UPDATE_DATA have an integer
> overflow issue. Params.guest_len and offset are both 32bite wide, with a
> large params.guest_len the check to confirm a page boundary is not
> crossed can falsely pass:
>
> /* Check if we are crossing the page boundary *
> offset = params.guest_uaddr & (PAGE_SIZE - 1);
> if ((params.guest_len + offset > PAGE_SIZE))
>
> [...]
Applied to kvm-x86 svm, thanks!
[1/1] KVM: sev: Fix potential overflow send|recieve_update_data
https://github.com/kvm-x86/linux/commit/f94f053aa3a5
--
https://github.com/kvm-x86/linux/tree/next
https://github.com/kvm-x86/linux/tree/fixes
Powered by blists - more mailing lists