lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 30 Jul 2020 16:49:57 -0700 (PDT) From: David Miller <davem@...emloft.net> To: lkmlabelt@...il.com Cc: kys@...rosoft.com, haiyangz@...rosoft.com, sthemmin@...rosoft.com, wei.liu@...nel.org, linux-hyperv@...r.kernel.org, linux-kernel@...r.kernel.org, mikelley@...rosoft.com, parri.andrea@...il.com, skarade@...rosoft.com, kuba@...nel.org, netdev@...r.kernel.org Subject: Re: [PATCH] hv_netvsc: Add validation for untrusted Hyper-V values From: Andres Beltran <lkmlabelt@...il.com> Date: Tue, 28 Jul 2020 18:53:21 -0400 > For additional robustness in the face of Hyper-V errors or malicious > behavior, validate all values that originate from packets that Hyper-V > has sent to the guest in the host-to-guest ring buffer. Ensure that > invalid values cannot cause indexing off the end of an array, or > subvert an existing validation via integer overflow. Ensure that > outgoing packets do not have any leftover guest memory that has not > been zeroed out. > > Cc: David S. Miller <davem@...emloft.net> > Cc: Jakub Kicinski <kuba@...nel.org> > Cc: netdev@...r.kernel.org > Signed-off-by: Andres Beltran <lkmlabelt@...il.com> I need hyperv maintainer reviews before I will apply this. Thank you.
Powered by blists - more mailing lists