Re: KASAN: use-after-free Read in sha512_ctx_mgr_resubmit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2018-08-22 at 14:20 +0800, Herbert Xu wrote:
> On Tue, Aug 21, 2018 at 02:43:56PM +0200, Ard Biesheuvel wrote:
> >
> > I agree. The code is obviously broken in a way that would have been
> > noticed if it were in wide use, and it is too complicated for mere
> > mortals to fix or maintain. I suggest we simply remove it for now, and
> > if anyone wants to reintroduce it, we can review the code *and* the
> > justification for the approach from scratch (in which case we should
> > consider factoring out the algo agnostics plumbing in a way that
> > allows it to be reused by other architectures as well)
> 
> I agree too.  Could one of you guys send me a patch to remove
> them?
> 

Hi,

We are working on a fix to solve these corner cases.

-Megha
> Thanks,





[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux