| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id:
<174964383100.3294450.3135324219520894757.git-patchwork-notify@kernel.org>
Date: Wed, 11 Jun 2025 12:10:31 +0000
From: patchwork-bot+netdevbpf@...nel.org
To: Jakub Raczynski <j.raczynski@...sung.com>
Cc: linux@...linux.org.uk, andrew@...n.ch, hkallweit1@...il.com,
netdev@...r.kernel.org, wenjing.shan@...sung.com
Subject: Re: [PATCH 1/2] net/mdiobus: Fix potential out-of-bounds read/write
access
Hello:
This series was applied to netdev/net.git (main)
by David S. Miller <davem@...emloft.net>:
On Mon, 9 Jun 2025 17:31:46 +0200 you wrote:
> When using publicly available tools like 'mdio-tools' to read/write data
> from/to network interface and its PHY via mdiobus, there is no verification of
> parameters passed to the ioctl and it accepts any mdio address.
> Currently there is support for 32 addresses in kernel via PHY_MAX_ADDR define,
> but it is possible to pass higher value than that via ioctl.
> While read/write operation should generally fail in this case,
> mdiobus provides stats array, where wrong address may allow out-of-bounds
> read/write.
>
> [...]
Here is the summary with links:
- [1/2] net/mdiobus: Fix potential out-of-bounds read/write access
https://git.kernel.org/netdev/net/c/0e629694126c
- [2/2] net/mdiobus: Fix potential out-of-bounds clause 45 read/write access
https://git.kernel.org/netdev/net/c/260388f79e94
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
Powered by blists - more mailing lists