lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 13 Feb 2024 06:17:10 -0800
From: syzbot <syzbot+60a66d44892b66b56545@...kaller.appspotmail.com>
To: linux-kernel@...r.kernel.org
Subject: Re: [syzbot] [syzbot] [wpan?] KMSAN: uninit-value in
 ieee802154_hdr_push (2)

For archival purposes, forwarding an incoming command email to
linux-kernel@...r.kernel.org.

***

Subject: [syzbot] [wpan?] KMSAN: uninit-value in ieee802154_hdr_push (2)
Author: n.zhandarovich@...tech.ru

If cb->secen_override == 0 but cb->secen == 1
mac802154_set_header_security() will not finish with error yet some
values in sec header will remain uninited. Fix the issue by only
checking cb->secen.

#syz test https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master
---
 net/mac802154/iface.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/mac802154/iface.c b/net/mac802154/iface.c
index c0e2da5072be..ad799d349625 100644
--- a/net/mac802154/iface.c
+++ b/net/mac802154/iface.c
@@ -328,7 +328,7 @@ static int mac802154_set_header_security(struct ieee802154_sub_if_data *sdata,
 
 	mac802154_llsec_get_params(&sdata->sec, &params);
 
-	if (!params.enabled && cb->secen_override && cb->secen)
+	if (!params.enabled && cb->secen)
 		return -EINVAL;
 	if (!params.enabled ||
 	    (cb->secen_override && !cb->secen) ||

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ