This is a note to let you know that I've just added the patch titled

    crypto: sanitize argument for format string

to the 3.4-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     crypto-sanitize-argument-for-format-string.patch
and it can be found in the queue-3.4 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.

From 1c8fca1d92e14859159a82b8a380d220139b7344 Mon Sep 17 00:00:00 2001
From: Kees Cook <keescook@xxxxxxxxxxxx>
Date: Wed, 3 Jul 2013 15:01:15 -0700
Subject: crypto: sanitize argument for format string

From: Kees Cook <keescook@xxxxxxxxxxxx>

commit 1c8fca1d92e14859159a82b8a380d220139b7344 upstream.

The template lookup interface does not provide a way to use format
strings, so make sure that the interface cannot be abused accidentally.

Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
Cc: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Cc: "David S. Miller" <davem@xxxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
 crypto/algapi.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

--- a/crypto/algapi.c +++ b/crypto/algapi.c
@@ -512,7 +512,8 @@ static struct crypto_template *__crypto_ struct crypto_template *crypto_lookup_template(const char *name) { - return try_then_request_module(__crypto_lookup_template(name), name); + return try_then_request_module(__crypto_lookup_template(name), "%s", + name); } EXPORT_SYMBOL_GPL(crypto_lookup_template); Patches currently in stable-queue which might be from keescook@xxxxxxxxxxxx are queue-3.4/block-do-not-pass-disk-names-as-format-strings.patch queue-3.4/charger-manager-ensure-event-is-not-used-as-format-string.patch queue-3.4/crypto-sanitize-argument-for-format-string.patch -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
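Review bot: In crypto_lookup_template(), the added "%s" keeps name from being parsed as a format string, but name is still handed through unchanged as the module name to request, and neither the hunk nor the changelog says where name originates. If callers can pass strings derived from user input, say so in the commit message so stable reviewers can judge the severity. A one-line comment above the call noting that try_then_request_module() takes a printf-style format would also keep a later cleanup from folding the call back to passing name directly.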