| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aXnUeQKA63282mYG@google.com>
Date: Wed, 28 Jan 2026 09:18:49 +0000
From: Alice Ryhl <aliceryhl@...gle.com>
To: Carlos Llamas <cmllamas@...gle.com>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
"Arve Hjønnevåg" <arve@...roid.com>, Todd Kjos <tkjos@...roid.com>,
Christian Brauner <brauner@...nel.org>, Dmitry Antipov <dmantipov@...dex.ru>,
Al Viro <viro@...iv.linux.org.uk>, NeilBrown <neil@...wn.name>,
Matt Gilbride <mattgilbride@...gle.com>, Wedson Almeida Filho <wedsonaf@...il.com>, Li Li <dualli@...gle.com>,
Paul Moore <paul@...l-moore.com>, kernel-team@...roid.com, linux-kernel@...r.kernel.org,
stable@...r.kernel.org, kernel test robot <lkp@...el.com>
Subject: Re: [PATCH 1/2] rust_binderfs: fix ida_alloc_max() upper bound
On Tue, Jan 27, 2026 at 11:55:10PM +0000, Carlos Llamas wrote:
> The 'max' argument of ida_alloc_max() takes the maximum valid ID and not
> the "count". Using an ID of BINDERFS_MAX_MINOR (1 << 20) for dev->minor
> would exceed the limits of minor numbers (20-bits). Fix this off-by-one
> error by subtracting 1 from the 'max'.
>
> Cc: stable@...r.kernel.org
> Fixes: eafedbc7c050 ("rust_binder: add Rust Binder driver")
> Reported-by: kernel test robot <lkp@...el.com>
> Closes: https://lore.kernel.org/r/202512181203.IOv6IChH-lkp@intel.com/
> Signed-off-by: Carlos Llamas <cmllamas@...gle.com>
For both patches:
Reviewed-by: Alice Ryhl <aliceryhl@...gle.com>
Powered by blists - more mailing lists