Message-ID: <20250512170702.1f6d0c07@kernel.org>
Date: Mon, 12 May 2025 17:07:02 -0700
From: Jakub Kicinski <kuba@...nel.org>
To: Sagi Maimon <maimon.sagi@...il.com>
Cc: jonathan.lemon@...il.com, vadim.fedorenko@...ux.dev,
 richardcochran@...il.com, andrew+netdev@...n.ch, davem@...emloft.net,
 edumazet@...gle.com, pabeni@...hat.com, linux-kernel@...r.kernel.org,
 netdev@...r.kernel.org
Subject: Re: [PATCH v2] ptp: ocp: Limit SMA/signal/freq counts in show/store
 functions

On Sun, 11 May 2025 17:39:08 +0300 Sagi Maimon wrote:
> > > > What do you mean by out-of-bounds access here. Is there any access with
> > > > index > 4 possible? Or just with index > 1 for Adva?
> 
> The sysfs interface restricts indices to a maximum of 4; however,
> since an array of 4 signals/frequencies is always created and fully
> accessible via sysfs—regardless of the actual number initialized—this
> bug impacts any board that initializes fewer than 4
> signals/frequencies.

Right, but the bug is that a user may write to registers which don't
exist? Or something will crash? We need to give backporters more info
about the impact of this bug. Can this crash the kernel?

As for sysfs exposing 4 entries, I think it's controlled by what groups
of attributes are added. So I think where possible we should create
attribute groups with only 2 entries for Adva. E.g. copy
fb_timecard_groups[] with just the correct entries, and in
ptp_ocp_fb_board_init() add an if which selects the right array.
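
A user-space C model of the two mitigations discussed in this thread, added here as an illustration; it is not part of the original message and not code from the ptp_ocp driver. It combines a per-board attribute table chosen at init time with a show/store-style handler that rejects indices the board never initialized. All names (`struct board`, `board_init`, `exposed_count`, `signal_store`, the attribute tables) are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#define MAX_SIGNALS 4   /* storage is always sized for 4 entries */

struct board {
    int signals_nr;                  /* entries this board really initialized */
    unsigned int period[MAX_SIGNALS];
    const char *const *attrs;        /* NULL-terminated names exposed to users */
};

/* Full table, plus a reduced copy for a board with only 2 signals. */
static const char *const full_attrs[] = { "signal1", "signal2", "signal3", "signal4", NULL };
static const char *const two_attrs[]  = { "signal1", "signal2", NULL };

/* Board init selects the table that matches the hardware. */
void board_init(struct board *b, int signals_nr)
{
    b->signals_nr = signals_nr;
    b->attrs = (signals_nr == 2) ? two_attrs : full_attrs;
    for (int i = 0; i < MAX_SIGNALS; i++)
        b->period[i] = 0;
}

/* How many entries a user can reach on this board. */
int exposed_count(const struct board *b)
{
    int n = 0;
    while (b->attrs[n])
        n++;
    return n;
}

/* Store handler: reject any index the board did not initialize. */
int signal_store(struct board *b, int idx, unsigned int period)
{
    if (idx < 0 || idx >= b->signals_nr)
        return -EINVAL;
    b->period[idx] = period;
    return 0;
}

int main(void)
{
    struct board adva;               /* constructed sample: a 2-signal board */
    board_init(&adva, 2);
    printf("exposed=%d store(3)=%d store(1)=%d\n", exposed_count(&adva),
           signal_store(&adva, 3, 100), signal_store(&adva, 1, 100));
    return 0;
}
```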
