On Tue, Aug 22, 2017 at 05:41:03PM -0700, Megha Dey wrote: > It was reported that the sha1 AVX2 function(sha1_transform_avx2) is > reading ahead beyond its intended data, and causing a crash if the next > block is beyond page boundary: > http://marc.info/?l=linux-crypto-vger&m=149373371023377 > > This patch makes sure that there is no overflow for any buffer length. > > It passes the tests written by Jan Stancek that revealed this problem: > https://github.com/jstancek/sha1-avx2-crash > > This patch fixes reads beyond the number of blocks in the same way it > was done in commit 8861249c740fc4af9ddc5aee321eafefb960d7c6 > ("crypto: x86/sha1 : Fix reads beyond the number of blocks passed"). So all you really want is that specific commit added to the stable kernels? If so, what kernel tree(s)? thanks, greg k-h