lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <20181221.091336.1224184510179321885.davem@davemloft.net>
Date:   Fri, 21 Dec 2018 09:13:36 -0800 (PST)
From:   David Miller <davem@...emloft.net>
To:     john.fastabend@...il.com
Cc:     vakul.garg@....com, netdev@...r.kernel.org, daniel@...earbox.net,
        davejwatson@...com
Subject: Re: [PATCH net-next] Prevent overflow of sk_msg in sk_msg_clone()

From: John Fastabend <john.fastabend@...il.com>
Date: Fri, 21 Dec 2018 08:19:36 -0800

> On 12/21/18 7:55 AM, Vakul Garg wrote:
>> Fixed function sk_msg_clone() to prevent overflow of 'dst' while adding
>> pages in scatterlist entries. The overflow of 'dst' causes crash in kernel
>> tls module while doing record encryption.
>> 
>> Crash fixed by this patch.
 ...
>> Signed-off-by: Vakul Garg <vakul.garg@....com>
>> Fixes: d829e9c4112b ("tls: convert to generic sk_msg interface")
> 
> Seems we only checked it upfront not as pages were being added. Thanks!
> 
> Acked-by: John Fastabend <john.fastabend@...il.com>

Since this is a bug fix I've applied this to 'net'.

Also, Vakul, always put the Fixes: tag first in the list of tags.

I fixed it up for you this time.

Thanks.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ