lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4670491.LvFx2qVVIh@ripper>
Date: Mon, 04 Aug 2025 10:18:53 +0200
From: Sven Eckelmann <sven@...fation.org>
To: chris.packham@...iedtelesis.co.nz, Alex Guo <alexguo1023@...il.com>
Cc: alexguo1023@...il.com, andi.shyti@...nel.org, linux-i2c@...r.kernel.org,
 linux-kernel@...r.kernel.org
Subject:
 Re: [PATCH] i2c: rtl9300: Fix out-of-bounds bug in rtl9300_i2c_smbus_xfer

On Monday, 16 June 2025 01:52:48 CEST Alex Guo wrote:
> The data->block[0] variable comes from user. Without proper check,
> the variable may be very large to cause an out-of-bounds bug.
> 
> Fix this bug by checking the value of data->block[0] first.
> 
> Similar commit:
> 1. commit 39244cc7548 ("i2c: ismt: Fix an out-of-bounds bug in
> ismt_access()")
> 2. commit 92fbb6d1296 ("i2c: xgene-slimpro: Fix out-of-bounds
> bug in xgene_slimpro_i2c_xfer()")
[...]

Please correct me but it looks like this fix was not yet applied to the tree. 
But Chris Packham pointed out that this conflicts with my fixes for SMBUS/
SMBUS_I2C.

I would like to add my patchset on top of this (to avoid problems with stable 
submission) and add the Fixes: and Cc: stable@...r.kernel.org.

I hope it is ok for you when I would pick this up. I would resubmit the fixes 
patchset this evening (GMT+2).

You can preview it at 
https://git.open-mesh.org/linux-merge.git/log/?h=b4/i2c-rtl9300-multi-byte

Kind regards,
	Sven

Download attachment "signature.asc" of type "application/pgp-signature" (229 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ