lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <2025080118-murky-morbidity-97d1@gregkh>
Date: Fri, 1 Aug 2025 10:29:32 +0100
From: Greg KH <gregkh@...uxfoundation.org>
To: WangYuli <wangyuli@...ontech.com>
Cc: alexander.usyskin@...el.com, arnd@...db.de,
	linux-kernel@...r.kernel.org, zhanjun@...ontech.com,
	niecheng1@...ontech.com, guanwentao@...ontech.com
Subject: Re: [PATCH] mei: vsc: fix potential array bounds violation in ACE
 address allocation

On Fri, Aug 01, 2025 at 05:06:00PM +0800, WangYuli wrote:
> When ACE images require dynamic address allocation, the code accesses
> frags[frag_index - 1] without bounds checking. This could lead to:
> 
> - Array underflow if frag_index is 0

How can that happen?  Does this value come from the kernel or from the
hardware?

> - Use of uninitialized fragment data for address calculations
> - Silent failures in address allocation
> 
> Add proper validation before accessing the previous fragment and
> provide clear error messages when validation fails.
> 
> Signed-off-by: WangYuli <wangyuli@...ontech.com>

What commit id does this fix?

How was this tested?

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ