2809606768
A review of the code showed, that this function which is exposed within the whole kernel should do a parameter check for the amount of bytes requested. If this requested bytes is too high an unsigned int overflow could happen causing this function to try to memcpy a really big memory chunk. This is not a security issue as there are only two invocations of this function from arch/s390/include/asm/archrandom.h and both are not exposed to userland. Reported-by: Sven Schnelle <svens@linux.ibm.com> Signed-off-by: Harald Freudenberger <freude@linux.ibm.com> Signed-off-by: Heiko Carstens <hca@linux.ibm.com> |
||
---|---|---|
.. | ||
aes_s390.c | ||
arch_random.c | ||
crc32-vx.c | ||
crc32be-vx.S | ||
crc32le-vx.S | ||
des_s390.c | ||
ghash_s390.c | ||
Makefile | ||
paes_s390.c | ||
prng.c | ||
sha1_s390.c | ||
sha3_256_s390.c | ||
sha3_512_s390.c | ||
sha256_s390.c | ||
sha512_s390.c | ||
sha_common.c | ||
sha.h |