lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sun, 11 Oct 2020 09:54:36 -0700
From:   Jakub Kicinski <>
To:     Anmol Karn <>
Subject: Re: [Linux-kernel-mentees] [PATCH net] ethtool: strset: Fix out of
 bound read in strset_parse_request()

On Sun, 11 Oct 2020 02:39:29 +0530 Anmol Karn wrote:
> Flag ``ETHTOOL_A_STRSET_COUNTS_ONLY`` tells the kernel to only return the string 
> counts of the sets, but, when req_info->counts_only tries to read the 
> tb[ETHTOOL_A_STRSET_COUNTS_ONLY] it gets out of bound. 
> - net/ethtool/strset.c
> The bug seems to trigger in this line:
> req_info->counts_only = tb[ETHTOOL_A_STRSET_COUNTS_ONLY];
> Fix it by NULL checking for req_info->counts_only while 
> reading from tb[ETHTOOL_A_STRSET_COUNTS_ONLY].
> Reported-by: 
> Link: 
> Signed-off-by: Anmol Karn <>

I think the correct fix for this was already applied to net-next as:

 commit db972e532518 ("ethtool: strset: allow ETHTOOL_A_STRSET_COUNTS_ONLY attr")

Powered by blists - more mailing lists