Hi Herbert, The two patches together fix a kernel crash that can be triggered via AF_ALG when using authenc() with zero plaintext. The changes are also tested to verify that the hashing on null data is still supported. I suspect that the vulnerability fixed with patch 1 is present in abklcipher that was used before the switch to skcipher. Thus, I would suspect in older kernels that this vulnerability is still present. Could you please provide guidance on how to address that issue in such older kernels? Stephan Mueller (2): crypto: skcipher - noop for enc/dec with NULL data crypto: shash - no kmap of zero SG crypto/shash.c | 4 +++- include/crypto/skcipher.h | 6 ++++++ 2 files changed, 9 insertions(+), 1 deletion(-) -- 2.13.5
