Re: [PATCH v2 0/5] crypto: dh - input validation fixes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, Nov 05, 2017 at 06:30:43PM -0800, Eric Biggers wrote:
> This series fixes several corner cases in the Diffie-Hellman key
> exchange implementations:
> 
> 1. With the software DH implementation, using a large buffer for 'g'
>    caused a double free.
> 2. With CONFIG_DEBUG_SG=y and the software DH implementation, setting 'p'
>    to 0 caused a BUG_ON().
> 3. With the QAT DH implementation, setting 'key' or 'g' larger than 'p'
>    caused a buffer underflow.
> 
> Note that in kernels configured with CONFIG_KEY_DH_OPERATIONS=y, these
> bugs are reachable by unprivileged users via KEYCTL_DH_COMPUTE.
> 
> Patches 4 and 5 are cleanup only.
> 
> Eric Biggers (5):
>   crypto: dh - Fix double free of ctx->p
>   crypto: dh - Don't permit 'p' to be 0
>   crypto: dh - Don't permit 'key' or 'g' size longer than 'p'
>   crypto: qat - Clean up error handling in qat_dh_set_secret()
>   crypto: dh - Remove pointless checks for NULL 'p' and 'g'

All applied.  Thanks.
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux