| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <cover.1767804050.git.mchehab+huawei@kernel.org> Date: Wed, 7 Jan 2026 17:41:48 +0100 From: Mauro Carvalho Chehab <mchehab+huawei@...nel.org> To: "Rafael J. Wysocki" <rafael@...nel.org>, Ard Biesheuvel <ardb@...nel.org>, Robert Moore <robert.moore@...el.com> Cc: Mauro Carvalho Chehab <mchehab+huawei@...nel.org>, acpica-devel@...ts.linux.dev, linux-acpi@...r.kernel.org, linux-edac@...r.kernel.org, linux-efi@...r.kernel.org, linux-kernel@...r.kernel.org, Ankit Agrawal <ankita@...dia.com>, Borislav Petkov <bp@...en8.de>, Breno Leitao <leitao@...ian.org>, Dave Jiang <dave.jiang@...el.com>, Hanjun Guo <guohanjun@...wei.com>, Huang Yiwei <quic_hyiwei@...cinc.com>, Ingo Molnar <mingo@...nel.org>, Ira Weiny <ira.weiny@...el.com>, Jason Tian <jason@...amperecomputing.com>, Jonathan Cameron <jonathan.cameron@...wei.com>, Len Brown <lenb@...nel.org>, Mauro Carvalho Chehab <mchehab@...nel.org>, Shuai Xue <xueshuai@...ux.alibaba.com>, Smita Koralahalli <Smita.KoralahalliChannabasappa@....com>, Tony Luck <tony.luck@...el.com> Subject: [PATCH v5 0/4] apei/ghes: don't OOPS with bad ARM error CPER records Rafael, Current parsing logic at apei/ghes for ARM Processor Error assumes that the record sizes are correct. Yet, a bad BIOS might produce malformed GHES reports. Worse than that, it may end exposing data from other memory addresses, as the logic may end dumping large portions of the memory. Avoid that by checking the buffer sizes where needed. --- v5: - Changed the name of a var as requested by Jonathan v4: - addressed Jonathan comments; - added two extra patches to prevent other OOM issues. v3: - addressed Shuai feedback; - moved all ghes code to one patch; - fixed a typo and a bad indent; - cleanup the size check logic at ghes.c. Mauro Carvalho Chehab (4): apei/ghes: ARM processor Error: don't go past allocated memory efi/cper: don't go past the ARM processor CPER record buffer apei/ghes: ensure that won't go past CPER allocated record efi/cper: don't dump the entire memory region drivers/acpi/apei/ghes.c | 38 ++++++++++++++++++++++++++++----- drivers/firmware/efi/cper-arm.c | 12 +++++++---- drivers/firmware/efi/cper.c | 8 ++++++- drivers/ras/ras.c | 6 +++++- include/acpi/ghes.h | 1 + include/linux/cper.h | 3 ++- 6 files changed, 56 insertions(+), 12 deletions(-) -- 2.52.0
Powered by blists - more mailing lists