lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20241128164239.21136-1-n.zhandarovich@fintech.ru>
Date: Thu, 28 Nov 2024 08:42:36 -0800
From: Nikita Zhandarovich <n.zhandarovich@...tech.ru>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Sasha Levin
	<sashal@...nel.org>, <stable@...r.kernel.org>
CC: Nikita Zhandarovich <n.zhandarovich@...tech.ru>, Harald Freudenberger
	<freude@...ux.ibm.com>, Heiko Carstens <hca@...ux.ibm.com>, Vasily Gorbik
	<gor@...ux.ibm.com>, Christian Borntraeger <borntraeger@...ibm.com>, "Holger
 Dengler" <dengler@...ux.ibm.com>, Alexander Gordeev <agordeev@...ux.ibm.com>,
	<linux-s390@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
	<lvc-project@...uxtesting.org>
Subject: [PATCH 6.6 0/3] Backport fixes for CVE-2024-42155, CVE-2024-42156 and CVE-2024-42158

This series addresses several s390 driver vulnerabilities related to
improper handling of sensitive keys-related material and its lack
of proper disposal in stable kernel branches. These issues have been
announced as CVE-2024-42155 [1], CVE-2024-42156 [2] and
CVE-2024-42158 [4] and fixed in upstream. Another problem named as
CVE-2024-42157 [3] has already been successfully backported.

All patches have been cherry-picked and are ready to be cleanly
applied to 6.6 stable branch. Backports for 5.10/5.15 [5] and 6.1 [6]
have already been sent.

[PATCH 6.6 1/3] s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings
Use kfree_sensitive() instead of kfree() and memzero_explicit().
Fixes CVE-2024-42158.

[PATCH 6.6 2/3] s390/pkey: Wipe copies of clear-key structures on failure
Properly wipe sensitive key material from stack for IOCTLs that
deal with clear-key conversion.
Fixes CVE-2024-42156.
Note: this patch has already been sent separately by Bin Lan
<bin.lan.cn@...driver.com>, see [7].

[PATCH 6.6 3/3] s390/pkey: Wipe copies of protected- and secure-keys
Properly wipe key copies from stack for affected IOCTLs.
Fixes CVE-2024-42155.

[1] https://nvd.nist.gov/vuln/detail/CVE-2024-42155
[2] https://nvd.nist.gov/vuln/detail/CVE-2024-42156
[3] https://nvd.nist.gov/vuln/detail/CVE-2024-42157
[4] https://nvd.nist.gov/vuln/detail/CVE-2024-42158
[5] https://lore.kernel.org/all/20241128142245.18136-1-n.zhandarovich@fintech.ru/
[6] https://lore.kernel.org/all/20241128153337.19666-1-n.zhandarovich@fintech.ru/
[7] https://lore.kernel.org/all/20241121081222.3792207-1-bin.lan.cn@windriver.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ