| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 13 Feb 2024 06:17:10 -0800 From: syzbot <syzbot+60a66d44892b66b56545@...kaller.appspotmail.com> To: linux-kernel@...r.kernel.org Subject: Re: [syzbot] [syzbot] [wpan?] KMSAN: uninit-value in ieee802154_hdr_push (2) For archival purposes, forwarding an incoming command email to linux-kernel@...r.kernel.org. *** Subject: [syzbot] [wpan?] KMSAN: uninit-value in ieee802154_hdr_push (2) Author: n.zhandarovich@...tech.ru If cb->secen_override == 0 but cb->secen == 1 mac802154_set_header_security() will not finish with error yet some values in sec header will remain uninited. Fix the issue by only checking cb->secen. #syz test https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master --- net/mac802154/iface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/mac802154/iface.c b/net/mac802154/iface.c index c0e2da5072be..ad799d349625 100644 --- a/net/mac802154/iface.c +++ b/net/mac802154/iface.c @@ -328,7 +328,7 @@ static int mac802154_set_header_security(struct ieee802154_sub_if_data *sdata, mac802154_llsec_get_params(&sdata->sec, ¶ms); - if (!params.enabled && cb->secen_override && cb->secen) + if (!params.enabled && cb->secen) return -EINVAL; if (!params.enabled || (cb->secen_override && !cb->secen) ||
Powered by blists - more mailing lists