Am Donnerstag, 23. Juni 2016, 18:43:57 schrieb Herbert Xu:
Hi Herbert,
> On Wed, Jun 22, 2016 at 08:29:37PM +0200, Mathias Krause wrote:
> > Commit 9aa867e46565 ("crypto: user - Add CRYPTO_MSG_DELRNG")
> > accidentally removed the minimum size check for CRYPTO_MSG_GETALG
> > netlink messages. This allows userland to send a truncated
> > CRYPTO_MSG_GETALG message as short as a netlink header only making
> > crypto_report() operate on uninitialized memory by accessing data
> > beyond the end of the netlink message.
> >
> > Fix this be re-adding the minimum required size of CRYPTO_MSG_GETALG
> > messages to the crypto_msg_min[] array.
> >
> > Fixes: 9aa867e46565 ("crypto: user - Add CRYPTO_MSG_DELRNG")
> > Cc: stable@xxxxxxxxxxxxxxx # v4.2
> > Signed-off-by: Mathias Krause <minipli@xxxxxxxxxxxxxx>
> > Cc: Steffen Klassert <steffen.klassert@xxxxxxxxxxx>
> > ---
> > This should go on top of crypto-2.6/master.
>
> Patch applied to crypto. Thanks!
Please revert my patch eed1e1afd8d542d9644534c1b712599b5d680007 as requested
by Matthias.
Ciao
Stephan
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
