Am Donnerstag, 23. Juni 2016, 18:43:57 schrieb Herbert Xu: Hi Herbert, > On Wed, Jun 22, 2016 at 08:29:37PM +0200, Mathias Krause wrote: > > Commit 9aa867e46565 ("crypto: user - Add CRYPTO_MSG_DELRNG") > > accidentally removed the minimum size check for CRYPTO_MSG_GETALG > > netlink messages. This allows userland to send a truncated > > CRYPTO_MSG_GETALG message as short as a netlink header only making > > crypto_report() operate on uninitialized memory by accessing data > > beyond the end of the netlink message. > > > > Fix this be re-adding the minimum required size of CRYPTO_MSG_GETALG > > messages to the crypto_msg_min[] array. > > > > Fixes: 9aa867e46565 ("crypto: user - Add CRYPTO_MSG_DELRNG") > > Cc: stable@xxxxxxxxxxxxxxx # v4.2 > > Signed-off-by: Mathias Krause <minipli@xxxxxxxxxxxxxx> > > Cc: Steffen Klassert <steffen.klassert@xxxxxxxxxxx> > > --- > > This should go on top of crypto-2.6/master. > > Patch applied to crypto. Thanks! Please revert my patch eed1e1afd8d542d9644534c1b712599b5d680007 as requested by Matthias. Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html