lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Mon, 13 Nov 2023 11:10:24 +0000
From: patchwork-bot+netdevbpf@...nel.org
To: Shigeru Yoshida <syoshida@...hat.com>
Cc: jmaloy@...hat.com, ying.xue@...driver.com, davem@...emloft.net,
 edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com,
 netdev@...r.kernel.org, tipc-discussion@...ts.sourceforge.net,
 linux-kernel@...r.kernel.org
Subject: Re: [PATCH net] tipc: Fix kernel-infoleak due to uninitialized TLV value

Hello:

This patch was applied to netdev/net.git (main)
by David S. Miller <davem@...emloft.net>:

On Sat, 11 Nov 2023 01:39:47 +0900 you wrote:
> KMSAN reported the following kernel-infoleak issue:
> 
> =====================================================
> BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]
> BUG: KMSAN: kernel-infoleak in copy_to_user_iter lib/iov_iter.c:24 [inline]
> BUG: KMSAN: kernel-infoleak in iterate_ubuf include/linux/iov_iter.h:29 [inline]
> BUG: KMSAN: kernel-infoleak in iterate_and_advance2 include/linux/iov_iter.h:245 [inline]
> BUG: KMSAN: kernel-infoleak in iterate_and_advance include/linux/iov_iter.h:271 [inline]
> BUG: KMSAN: kernel-infoleak in _copy_to_iter+0x4ec/0x2bc0 lib/iov_iter.c:186
>  instrument_copy_to_user include/linux/instrumented.h:114 [inline]
>  copy_to_user_iter lib/iov_iter.c:24 [inline]
>  iterate_ubuf include/linux/iov_iter.h:29 [inline]
>  iterate_and_advance2 include/linux/iov_iter.h:245 [inline]
>  iterate_and_advance include/linux/iov_iter.h:271 [inline]
>  _copy_to_iter+0x4ec/0x2bc0 lib/iov_iter.c:186
>  copy_to_iter include/linux/uio.h:197 [inline]
>  simple_copy_to_iter net/core/datagram.c:532 [inline]
>  __skb_datagram_iter.5+0x148/0xe30 net/core/datagram.c:420
>  skb_copy_datagram_iter+0x52/0x210 net/core/datagram.c:546
>  skb_copy_datagram_msg include/linux/skbuff.h:3960 [inline]
>  netlink_recvmsg+0x43d/0x1630 net/netlink/af_netlink.c:1967
>  sock_recvmsg_nosec net/socket.c:1044 [inline]
>  sock_recvmsg net/socket.c:1066 [inline]
>  __sys_recvfrom+0x476/0x860 net/socket.c:2246
>  __do_sys_recvfrom net/socket.c:2264 [inline]
>  __se_sys_recvfrom net/socket.c:2260 [inline]
>  __x64_sys_recvfrom+0x130/0x200 net/socket.c:2260
>  do_syscall_x64 arch/x86/entry/common.c:51 [inline]
>  do_syscall_64+0x44/0x110 arch/x86/entry/common.c:82
>  entry_SYSCALL_64_after_hwframe+0x63/0x6b
> 
> [...]

Here is the summary with links:
  - [net] tipc: Fix kernel-infoleak due to uninitialized TLV value
    https://git.kernel.org/netdev/net/c/fb317eb23b5e

You are awesome, thank you!
-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ