iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
dad5ab0db8
linux/arch/x86
History
Seunghun Han dad5ab0db8 x86/acpi: Prevent out of bound access caused by broken ACPI tables 
The bus_irq argument of mp_override_legacy_irq() is used as the index into
the isa_irq_to_gsi[] array. The bus_irq argument originates from
ACPI_MADT_TYPE_IO_APIC and ACPI_MADT_TYPE_INTERRUPT items in the ACPI
tables, but is nowhere sanity checked.

That allows broken or malicious ACPI tables to overwrite memory, which
might cause malfunction, panic or arbitrary code execution.

Add a sanity check and emit a warning when that triggers.

[ tglx: Added warning and rewrote changelog ]

Signed-off-by: Seunghun Han <kkamagui@gmail.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: security@kernel.org
Cc: "Rafael J. Wysocki" <rjw@rjwysocki.net>
Cc: stable@vger.kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2017-07-20 10:27:59 +02:00
..
boot include/linux/string.h: add the option of fortified string.h functions 2017-07-12 16:26:03 -07:00
configs Merge branch 'x86-boot-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-05-01 20:51:12 -07:00
crypto Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2017-07-14 22:49:50 -07:00
entry Merge branch 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm 2017-07-08 12:17:25 -07:00
events Merge branch 'smp-hotplug-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-07-03 18:08:06 -07:00
hyperv char/misc patches for 4.12-rc1 2017-05-04 19:15:35 -07:00
ia32
include x86/mm, KVM: Fix warning when !CONFIG_PREEMPT_COUNT 2017-07-18 10:49:18 +02:00
kernel x86/acpi: Prevent out of bound access caused by broken ACPI tables 2017-07-20 10:27:59 +02:00
kvm kvm: x86: hyperv: make VP_INDEX managed by userspace 2017-07-14 16:28:18 +02:00
lguest Merge branch 'x86-boot-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-05-01 20:51:12 -07:00
lib include/linux/string.h: add the option of fortified string.h functions 2017-07-12 16:26:03 -07:00
math-emu x86/ldt: Rename ldt_struct::size to ::nr_entries 2017-06-08 09:28:21 +02:00
mm x86/mmap: properly account for stack randomization in mmap_base 2017-07-12 16:26:03 -07:00
net Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2017-07-05 12:31:59 -07:00
oprofile
pci pci-v4.13-changes 2017-07-08 15:51:57 -07:00
platform x86/platform/uv/BAU: Fix congested_response_us not taking effect 2017-07-16 11:05:04 +02:00
power x86/boot/e820: Introduce the bootloader provided e820_table_firmware[] table 2017-07-05 10:09:02 +02:00
purgatory kasan: do not sanitize kexec purgatory 2017-03-31 17:13:30 -07:00
ras x86/mce: Merge mce_amd_inj into mce-inject 2017-06-14 07:32:07 +02:00
realmode x86/boot/64: Rename init_level4_pgt and early_level4_pgt 2017-06-13 08:56:55 +02:00
tools
um Merge branch 'for-linus-4.13-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rw/uml 2017-07-15 10:49:33 -07:00
video
xen kexec: move vmcoreinfo out of the kernel's .bss section 2017-07-12 16:25:59 -07:00
.gitignore
Kbuild
Kconfig include/linux/string.h: add the option of fortified string.h functions 2017-07-12 16:26:03 -07:00
Kconfig.cpu
Kconfig.debug
Makefile Kbuild updates for v4.13 2017-07-07 14:09:24 -07:00
Makefile_32.cpu kbuild: remove cc-option-align 2017-06-25 12:43:00 +09:00
Makefile.um