lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <aThTRWe3iHB7HQAZ@horms.kernel.org>
Date: Tue, 9 Dec 2025 16:50:13 +0000
From: Simon Horman <horms@...nel.org>
To: Jijie Shao <shaojijie@...wei.com>
Cc: davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
	pabeni@...hat.com, andrew+netdev@...n.ch, shenjian15@...wei.com,
	liuyonglong@...wei.com, chenhao418@...wei.com, lantao5@...wei.com,
	huangdonghua3@...artners.com, yangshuaisong@...artners.com,
	jonathan.cameron@...wei.com, salil.mehta@...wei.com,
	netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH net 3/3] net: hns3: add VLAN id validation before using

On Tue, Dec 09, 2025 at 09:38:25PM +0800, Jijie Shao wrote:
> From: Jian Shen <shenjian15@...wei.com>
> 
> Currently, the VLAN id may be used without validation when
> receive a VLAN configuration mailbox from VF. It may cause
> out-of-bounds memory access once the VLAN id is bigger than
> 4095.
> 
> Fixes: fe4144d47eef ("net: hns3: sync VLAN filter entries when kill VLAN ID failed")
> Signed-off-by: Jian Shen <shenjian15@...wei.com>
> Signed-off-by: Jijie Shao <shaojijie@...wei.com>

Hi Jijie,

Can you clarify that the (only) oob access is to vlan_del_fail_bmap?

If so, I agree with this change and that the problem was introduced in
the cited commit. But I think it would be worth mentioning vlan_del_fail_bmap
in the commit message.


...

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ