Re: af_key: pfkey_dump needs parameter validation

From: Steffen Klassert
Date: Wed Jul 22 2020 - 05:33:25 EST


On Tue, Jul 21, 2020 at 06:23:54AM -0700, Mark Salyzyn wrote:
> In pfkey_dump() dplen and splen can both be specified to access the
> xfrm_address_t structure out of bounds in __xfrm_state_filter_match()
> when it calls addr_match() with the indexes. Return EINVAL if either
> are out of range.
>
> Signed-off-by: Mark Salyzyn <salyzyn@xxxxxxxxxxx>
> Cc: netdev@xxxxxxxxxxxxxxx
> Cc: linux-kernel@xxxxxxxxxxxxxxx
> Cc: kernel-team@xxxxxxxxxxx
> ---
> Should be back ported to the stable queues because this is an out of
> bounds access.

Please do a v2 and add a proper 'Fixes' tag if this is a fix that
needs to be backported.

Thanks!
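
A simplified user-space model of the check discussed in this thread, added here as an illustration; it is not the patch under review and not kernel code. The `model_*` names and types are assumptions standing in for `xfrm_address_t`, the filter's `splen`/`dplen` and `addr_match()`, and accepting lengths up to 128 bits is this model's choice.

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>

/* 16-byte stand-in for xfrm_address_t (model type, not the kernel's). */
typedef struct { uint8_t b[16]; } model_addr_t;
#define MODEL_ADDR_BITS ((unsigned)sizeof(model_addr_t) * 8u)

/* Stand-in for the dump filter: two addresses plus their prefix lengths. */
struct model_filter { model_addr_t saddr, daddr; uint8_t splen, dplen; };

/* Prefix compare that trusts plen, as a matcher deep in the call chain
 * does: with plen == 129 it would read x[16], one byte past the address. */
static int model_addr_match(const uint8_t *x, const uint8_t *y, unsigned plen)
{
    unsigned bytes = plen >> 3, bits = plen & 7;

    if (bytes && memcmp(x, y, bytes))
        return 0;
    if (bits && ((x[bytes] ^ y[bytes]) & (0xff << (8 - bits))))
        return 0;
    return 1;
}

/* Entry-point validation: reject out-of-range lengths before any matching. */
static int model_validate_filter(const struct model_filter *f)
{
    return (f->splen > MODEL_ADDR_BITS || f->dplen > MODEL_ADDR_BITS)
               ? -EINVAL : 0;
}

/* Returns 1 on match, 0 on mismatch, -EINVAL for a bad prefix length. */
static int model_filter_match(const struct model_filter *f,
                              const model_addr_t *s, const model_addr_t *d)
{
    int err = model_validate_filter(f);

    if (err) return err;
    return model_addr_match(f->saddr.b, s->b, f->splen) &&
           model_addr_match(f->daddr.b, d->b, f->dplen);
}

/* Constructed sample: filter src 10.1.2.0, candidate src 10.1.2.77. */
static int model_demo(uint8_t splen, uint8_t dplen)
{
    struct model_filter f = { {{10, 1, 2, 0}}, {{192, 0, 2, 1}}, splen, dplen };
    model_addr_t s = {{10, 1, 2, 77}}, d = {{192, 0, 2, 1}};
    return model_filter_match(&f, &s, &d);
}
/* Exit status 0 when a /24 matches and a 129-bit length is refused. */
int main(void) { return !(model_demo(24, 32) == 1 && model_demo(129, 32) == -EINVAL); }
```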