iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/crypto
History
Ard Biesheuvel 457b67797c crypto: ecdh - avoid buffer overflow in ecdh_set_secret() 
commit 0aa171e9b267ce7c52d3a3df7bc9c1fc0203dec5 upstream.

Pavel reports that commit 17858b140bf4 ("crypto: ecdh - avoid unaligned
accesses in ecdh_set_secret()") fixes one problem but introduces another:
the unconditional memcpy() introduced by that commit may overflow the
target buffer if the source data is invalid, which could be the result of
intentional tampering.

So check params.key_size explicitly against the size of the target buffer
before validating the key further.

Fixes: 17858b140bf4 ("crypto: ecdh - avoid unaligned accesses in ecdh_set_secret()")
Reported-by: Pavel Machek <pavel@denx.de>
Cc: <stable@vger.kernel.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-01-12 20:10:20 +01:00
..
asymmetric_keys
crypto: asymmetric_keys - select CRYPTO_HASH where needed
2019-07-26 09:14:13 +02:00
async_tx
async_pq: Remove VLA usage
2018-06-18 20:17:38 +05:30
842.c
crypto: acomp - add support for 842 via scomp
2016-10-25 11:08:33 +08:00
ablkcipher.c
crypto: ablkcipher - fix crash flushing dcache in error path
2018-08-03 18:06:04 +08:00
acompress.c
crypto: acomp - allow registration of multiple acomps
2017-04-21 20:30:50 +08:00
aead.c
crypto: aead - set CRYPTO_TFM_NEED_KEY if ->setkey() fails
2019-03-23 20:09:54 +01:00
aegis128.c
crypto: aegis - fix handling chunked inputs
2019-03-23 20:09:54 +01:00
aegis128l.c
crypto: aegis - fix handling chunked inputs
2019-03-23 20:09:54 +01:00
aegis256.c
crypto: aegis - fix handling chunked inputs
2019-03-23 20:09:54 +01:00
aegis.h
crypto: aegis/generic - fix for big endian systems
2018-11-13 11:08:46 -08:00
aes_generic.c
crypto: aes-generic - drop alignment requirement
2017-02-11 17:50:43 +08:00
aes_ti.c
crypto: aes_ti - disable interrupts while accessing S-box
2019-02-12 19:46:58 +01:00
af_alg.c
crypto: af_alg - avoid undefined behavior accessing salg_name
2020-12-30 11:25:48 +01:00
ahash.c
crypto: hash - set CRYPTO_TFM_NEED_KEY if ->setkey() fails
2019-03-23 20:09:54 +01:00
akcipher.c
crypto: Replaced gcc specific attributes with macros from compiler.h
2017-01-13 00:24:39 +08:00
algapi.c
crypto: api - Fix race condition in crypto_spawn_alg
2020-02-11 04:34:05 -08:00
algboss.c
crypto: algboss - don't wait during notifier callback
2020-06-25 15:33:09 +02:00
algif_aead.c
crypto: algif_aead - Do not set MAY_BACKLOG on the async path
2020-10-29 09:54:59 +01:00
algif_hash.c
crypto: af_alg - fix use-after-free in af_alg_accept() due to bh_lock_sock()
2020-07-09 09:37:10 +02:00
algif_rng.c
net: remove sock_no_poll
2018-05-26 09:16:44 +02:00
algif_skcipher.c
crypto: algif_skcipher - EBUSY on aio should be an error
2020-10-29 09:55:01 +01:00
ansi_cprng.c
crypto: ansi_cprng - Convert to new rng interface
2015-04-22 09:30:18 +08:00
anubis.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
api.c
crypto: api - Fix race condition in crypto_spawn_alg
2020-02-11 04:34:05 -08:00
arc4.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
authenc.c
crypto: authenc - fix parsing key with misaligned rta_len
2019-01-22 21:40:32 +01:00
authencesn.c
crypto: authencesn - Avoid twice completion call in decrypt path
2019-01-22 21:40:31 +01:00
blkcipher.c
crypto: blkcipher - fix crash flushing dcache in error path
2018-08-03 18:06:04 +08:00
blowfish_common.c
blowfish_generic.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
camellia_generic.c
crypto: replace FSF address with web source in license notices
2017-11-29 17:33:25 +11:00
cast5_generic.c
crypto: replace FSF address with web source in license notices
2017-11-29 17:33:25 +11:00
cast6_generic.c
crypto: replace FSF address with web source in license notices
2017-11-29 17:33:25 +11:00
cast_common.c
cbc.c
crypto: do not free algorithm before using
2018-12-13 09:16:21 +01:00
ccm.c
crypto: ccm - fix incompatibility between "ccm" and "ccm_base"
2019-05-22 07:37:43 +02:00
cfb.c
crypto: cfb - remove bogus memcpy() with src == dest
2019-03-23 20:09:40 +01:00
chacha20_generic.c
crypto: chacha20 - Fix chacha20_block() keystream alignment (again)
2019-11-20 18:47:11 +01:00
chacha20poly1305.c
crypto: chacha20poly1305 - fix atomic sleep when using async algorithm
2019-07-26 09:14:19 +02:00
cipher.c
crypto: remove several VLAs
2018-04-21 00:58:34 +08:00
cmac.c
crypto: algapi - make crypto_xor() and crypto_inc() alignment agnostic
2017-02-11 17:52:28 +08:00
compress.c
crypto: api - Remove no-op exit_ops code
2016-10-21 11:03:42 +08:00
crc32_generic.c
crypto: crc32-generic - remove __crc32_le()
2018-05-27 00:12:09 +08:00
crc32c_generic.c
crypto: crc32c-generic - remove cra_alignmask
2018-05-27 00:12:08 +08:00
crct10dif_common.c
crct10dif_generic.c
crypto: crct10dif-generic - fix use via crypto_shash_digest()
2019-05-22 07:37:37 +02:00
cryptd.c
crypto: cryptd - Fix skcipher instance memory leak
2019-07-10 09:53:41 +02:00
crypto_engine.c
crypto: engine - Permit to enqueue all async requests
2018-02-15 23:26:50 +08:00
crypto_null.c
crypto: shash - remove useless setting of type flags
2018-07-09 00:30:24 +08:00
crypto_user.c
crypto: user - fix memory leak in crypto_report
2019-12-13 08:52:48 +01:00
crypto_wq.c
crypto: crypto_wq - Fix late crypto work queue initialization
2014-03-21 21:54:28 +08:00
ctr.c
crypto: remove several VLAs
2018-04-21 00:58:34 +08:00
cts.c
crypto: remove several VLAs
2018-04-21 00:58:34 +08:00
deflate.c
crypto: scomp - add support for deflate rfc1950 (zlib)
2017-04-24 18:11:08 +08:00
des_generic.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
dh_helper.c
crypto: dh - make crypto_dh_encode_key() make robust
2018-08-03 18:06:06 +08:00
dh.c
crypto: dh - fix memory leak
2018-07-20 13:51:21 +08:00
drbg.c
crypto: drbg - in-place cipher operation for CTR
2018-08-03 18:05:48 +08:00
ecb.c
crypto: include crypto- module prefix in template
2014-11-26 20:06:30 +08:00
ecc_curve_defs.h
crypto: ecdh - fix typo of P-192 b value
2018-07-20 13:51:22 +08:00
ecc.c
crypto: ecdh - fix big endian bug in ECC library
2019-12-13 08:52:48 +01:00
ecc.h
crypto: ecc - Actually remove stack VLA usage
2018-04-21 00:58:29 +08:00
ecdh_helper.c
crypto: ecdh - return unsigned value for crypto_ecdh_key_len()
2017-10-12 22:55:00 +08:00
ecdh.c
crypto: ecdh - avoid buffer overflow in ecdh_set_secret()
2021-01-12 20:10:20 +01:00
echainiv.c
crypto: echainiv - Remove unused alg/spawn variable
2017-12-22 19:52:45 +11:00
fcrypt.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
fips.c
crypto: fips - Move fips_enabled sysctl into fips.c
2015-04-23 14:18:09 +08:00
gcm.c
crypto: gcm - fix incompatibility between "gcm" and "gcm_base"
2019-05-22 07:37:37 +02:00
gf128mul.c
crypto: gf128mul - remove incorrect comment
2017-12-22 19:52:40 +11:00
ghash-generic.c
crypto: ghash - fix unaligned memory access in ghash_setkey()
2019-07-26 09:14:19 +02:00
hash_info.c
keys, trusted: select hash algorithm for TPM2 chips
2015-12-20 15:27:12 +02:00
hmac.c
crypto: hmac - require that the underlying hash algorithm is unkeyed
2017-11-29 13:39:15 +11:00
internal.h
crypto: api - Fix race condition in crypto_spawn_alg
2020-02-11 04:34:05 -08:00
jitterentropy-kcapi.c
crypto: jitterentropy - drop duplicate header module.h
2016-11-17 23:34:52 +08:00
jitterentropy.c
crypto: jitterentropy - Delete unnecessary checks before the function call "kzfree"
2015-06-25 23:18:33 +08:00
Kconfig
crypto: aes_ti - disable interrupts while accessing S-box
2019-02-12 19:46:58 +01:00
keywrap.c
crypto: keywrap - Add missing ULL suffixes for 64-bit constants
2017-11-29 17:33:26 +11:00
khazad.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
kpp.c
crypto: Replaced gcc specific attributes with macros from compiler.h
2017-01-13 00:24:39 +08:00
lrw.c
gcc-10: avoid shadowing standard library 'free()' in crypto
2020-05-20 08:18:46 +02:00
lz4.c
crypto: lz4 - fixed decompress function to return error code
2017-04-10 19:17:27 +08:00
lz4hc.c
crypto: lz4 - fixed decompress function to return error code
2017-04-10 19:17:27 +08:00
lzo.c
treewide: use kv[mz]alloc* rather than opencoded variants
2017-05-08 17:15:13 -07:00
Makefile
crypto: speck - remove Speck
2018-11-13 11:08:46 -08:00
mcryptd.c
crypto: mcryptd - remove pointless wrapper functions
2018-02-15 23:26:45 +08:00
md4.c
crypto: shash - remove useless setting of type flags
2018-07-09 00:30:24 +08:00
md5.c
crypto: shash - remove useless setting of type flags
2018-07-09 00:30:24 +08:00
memneq.c
crypto: memneq - fix for archs without efficient unaligned access
2013-12-09 20:09:12 +08:00
michael_mic.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
morus640.c
crypto: morus - fix handling chunked inputs
2019-03-23 20:09:54 +01:00
morus1280.c
crypto: morus - fix handling chunked inputs
2019-03-23 20:09:54 +01:00
pcbc.c
crypto: pcbc - remove bogus memcpy()s with src == dest
2019-03-23 20:09:55 +01:00
pcrypt.c
crypto: pcrypt - Do not clear MAY_SLEEP flag in original request
2020-02-11 04:34:05 -08:00
poly1305_generic.c
crypto: shash - remove useless setting of type flags
2018-07-09 00:30:24 +08:00
proc.c
proc: introduce proc_create_seq{,_data}
2018-05-16 07:23:35 +02:00
ripemd.h
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
rmd128.c
crypto: shash - remove useless setting of type flags
2018-07-09 00:30:24 +08:00
rmd160.c
crypto: shash - remove useless setting of type flags
2018-07-09 00:30:24 +08:00
rmd256.c
crypto: rmd256 - use swap macro in rmd256_transform
2018-07-27 19:28:36 +08:00
rmd320.c
crypto: rmd320 - use swap macro in rmd320_transform
2018-07-27 19:28:36 +08:00
rng.c
crypto: rng - ensure that the RNG is ready before using
2017-07-28 17:56:00 +08:00
rsa_helper.c
kbuild: rename *-asn1.[ch] to *.asn1.[ch]
2018-04-07 19:04:02 +09:00
rsa-pkcs1pad.c
crypto: fix a memory leak in rsa-kcs1pad's encryption mode
2019-11-20 18:47:44 +01:00
rsa.c
crypto: rsa - Remove unneeded error assignment
2018-04-21 00:58:37 +08:00
rsaprivkey.asn1
crypto: rsa - Store rest of the private key components
2016-07-05 23:05:26 +08:00
rsapubkey.asn1
crypto: akcipher - Changes to asymmetric key API
2015-10-14 22:23:16 +08:00
salsa20_generic.c
crypto: salsa20 - don't access already-freed walk.iv
2019-05-22 07:37:36 +02:00
scatterwalk.c
crypto: scatterwalk - remove 'chain' argument from scatterwalk_crypto_chain()
2018-08-03 18:06:03 +08:00
scompress.c
crypto: scompress - use sgl_alloc() and sgl_free()
2018-01-06 09:18:00 -07:00
seed.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
seqiv.c
crypto: seqiv - Remove unused alg/spawn variable
2017-12-22 19:52:45 +11:00
serpent_generic.c
crypto: serpent - mark __serpent_setkey_sbox noinline
2019-07-26 09:14:13 +02:00
sha1_generic.c
crypto: shash - remove useless setting of type flags
2018-07-09 00:30:24 +08:00
sha3_generic.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux
2018-08-03 17:55:12 +08:00
sha256_generic.c
crypto: shash - remove useless setting of type flags
2018-07-09 00:30:24 +08:00
sha512_generic.c
crypto: shash - remove useless setting of type flags
2018-07-09 00:30:24 +08:00
shash.c
crypto: hash - set CRYPTO_TFM_NEED_KEY if ->setkey() fails
2019-03-23 20:09:54 +01:00
simd.c
crypto: simd - correctly take reqsize of wrapped skcipher into account
2018-12-01 09:37:32 +01:00
skcipher.c
crypto: skcipher - Unmap pages after an external error
2019-10-11 18:20:52 +02:00
sm3_generic.c
crypto: sm3 - fix undefined shift by >= width of value
2019-01-22 21:40:31 +01:00
sm4_generic.c
crypto: sm4 - export encrypt/decrypt routines to other drivers
2018-05-05 14:52:51 +08:00
tcrypt.c
crypto: testmgr - add AES-CFB tests
2019-01-09 17:38:44 +01:00
tcrypt.h
crypto: tcrypt - Add ChaCha20/Poly1305 speed tests
2015-07-17 21:20:20 +08:00
tea.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
testmgr.c
crypto: testmgr - fix sizeof() on COMP_BUF_SIZE
2019-12-01 09:16:13 +01:00
testmgr.h
crypto: x86/poly1305 - fix overflow during partial reduction
2019-04-27 09:36:37 +02:00
tgr192.c
crypto: tgr192 - fix unaligned memory access
2020-01-27 14:50:13 +01:00
twofish_common.c
crypto: replace FSF address with web source in license notices
2017-11-29 17:33:25 +11:00
twofish_generic.c
crypto: replace FSF address with web source in license notices
2017-11-29 17:33:25 +11:00
vmac.c
crypto: vmac - remove insecure version with hardcoded nonce
2018-07-01 21:00:44 +08:00
wp512.c
crypto: shash - remove useless setting of type flags
2018-07-09 00:30:24 +08:00
xcbc.c
crypto: replace FSF address with web source in license notices
2017-11-29 17:33:25 +11:00
xor.c
kmemcheck: stop using GFP_NOTRACK and SLAB_NOTRACK
2017-11-15 18:21:04 -08:00
xts.c
gcc-10: avoid shadowing standard library 'free()' in crypto
2020-05-20 08:18:46 +02:00
zstd.c
crypto: zstd - Add zstd support
2018-04-21 00:58:30 +08:00