iMX/i2som-imx-linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7436ceb2b78f334e292d72bb3d2ca4d5deb367df
i2som-imx-linux/crypto
History
Ard Biesheuvel 457b67797c crypto: ecdh - avoid buffer overflow in ecdh_set_secret() 
commit 0aa171e9b2 upstream.

Pavel reports that commit 17858b140b ("crypto: ecdh - avoid unaligned
accesses in ecdh_set_secret()") fixes one problem but introduces another:
the unconditional memcpy() introduced by that commit may overflow the
target buffer if the source data is invalid, which could be the result of
intentional tampering.

So check params.key_size explicitly against the size of the target buffer
before validating the key further.

Fixes: 17858b140b ("crypto: ecdh - avoid unaligned accesses in ecdh_set_secret()")
Reported-by: Pavel Machek <pavel@denx.de>
Cc: <stable@vger.kernel.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-01-12 20:10:20 +01:00
..
asymmetric_keys
async_tx
842.c
ablkcipher.c
acompress.c
aead.c
aegis128.c
aegis128l.c
aegis256.c
aegis.h
aes_generic.c
aes_ti.c
af_alg.c
crypto: af_alg - avoid undefined behavior accessing salg_name
2020-12-30 11:25:48 +01:00
ahash.c
akcipher.c
algapi.c
crypto: api - Fix race condition in crypto_spawn_alg
2020-02-11 04:34:05 -08:00
algboss.c
crypto: algboss - don't wait during notifier callback
2020-06-25 15:33:09 +02:00
algif_aead.c
crypto: algif_aead - Do not set MAY_BACKLOG on the async path
2020-10-29 09:54:59 +01:00
algif_hash.c
crypto: af_alg - fix use-after-free in af_alg_accept() due to bh_lock_sock()
2020-07-09 09:37:10 +02:00
algif_rng.c
algif_skcipher.c
crypto: algif_skcipher - EBUSY on aio should be an error
2020-10-29 09:55:01 +01:00
ansi_cprng.c
anubis.c
api.c
crypto: api - Fix race condition in crypto_spawn_alg
2020-02-11 04:34:05 -08:00
arc4.c
authenc.c
authencesn.c
blkcipher.c
blowfish_common.c
blowfish_generic.c
camellia_generic.c
cast5_generic.c
cast6_generic.c
cast_common.c
cbc.c
ccm.c
cfb.c
chacha20_generic.c
chacha20poly1305.c
cipher.c
cmac.c
compress.c
crc32_generic.c
crc32c_generic.c
crct10dif_common.c
crct10dif_generic.c
cryptd.c
crypto_engine.c
crypto_null.c
crypto_user.c
crypto_wq.c
ctr.c
cts.c
deflate.c
des_generic.c
dh_helper.c
dh.c
drbg.c
ecb.c
ecc_curve_defs.h
ecc.c
ecc.h
ecdh_helper.c
ecdh.c
crypto: ecdh - avoid buffer overflow in ecdh_set_secret()
2021-01-12 20:10:20 +01:00
echainiv.c
fcrypt.c
fips.c
gcm.c
gf128mul.c
ghash-generic.c
hash_info.c
hmac.c
internal.h
crypto: api - Fix race condition in crypto_spawn_alg
2020-02-11 04:34:05 -08:00
jitterentropy-kcapi.c
jitterentropy.c
Kconfig
keywrap.c
khazad.c
kpp.c
lrw.c
gcc-10: avoid shadowing standard library 'free()' in crypto
2020-05-20 08:18:46 +02:00
lz4.c
lz4hc.c
lzo.c
Makefile
mcryptd.c
md4.c
md5.c
memneq.c
michael_mic.c
morus640.c
morus1280.c
pcbc.c
pcrypt.c
crypto: pcrypt - Do not clear MAY_SLEEP flag in original request
2020-02-11 04:34:05 -08:00
poly1305_generic.c
proc.c
ripemd.h
rmd128.c
rmd160.c
rmd256.c
rmd320.c
rng.c
rsa_helper.c
rsa-pkcs1pad.c
rsa.c
rsaprivkey.asn1
rsapubkey.asn1
salsa20_generic.c
scatterwalk.c
scompress.c
seed.c
seqiv.c
serpent_generic.c
sha1_generic.c
sha3_generic.c
sha256_generic.c
sha512_generic.c
shash.c
simd.c
skcipher.c
sm3_generic.c
sm4_generic.c
tcrypt.c
tcrypt.h
tea.c
testmgr.c
testmgr.h
tgr192.c
twofish_common.c
twofish_generic.c
vmac.c
wp512.c
xcbc.c
xor.c
xts.c
gcc-10: avoid shadowing standard library 'free()' in crypto
2020-05-20 08:18:46 +02:00
zstd.c