iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/drivers/char/tpm
History
Dan Carpenter 18f0fb57a9 tpm: Check for integer overflow in tpm2_map_response_body() 
commit a0bcce2b2a169e10eb265c8f0ebdd5ae4c875670 upstream.

The "4 * be32_to_cpu(data->count)" multiplication can potentially
overflow which would lead to memory corruption.  Add a check for that.

Cc: stable@vger.kernel.org
Fixes: 745b361e989a ("tpm: infrastructure for TPM spaces")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-11-17 09:48:17 +01:00
..
eventlog
tpm: vtpm_proxy: Avoid reading host log when using a virtual device
2021-05-11 14:04:15 +02:00
st33zp24
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 399
2019-06-05 17:37:12 +02:00
Kconfig
tpm/tpm_ftpm_tee: A driver for firmware TPM running inside TEE
2019-09-02 17:08:35 +03:00
Makefile
tpm/tpm_ftpm_tee: A driver for firmware TPM running inside TEE
2019-09-02 17:08:35 +03:00
tpm1-cmd.c
tpm: tpm_ibm_vtpm: Fix unallocated banks
2019-08-05 00:55:00 +03:00
tpm2-cmd.c
tpm: fix error return code in tpm2_get_cc_attrs_tbl()
2021-05-19 10:08:20 +02:00
tpm2-space.c
tpm: Check for integer overflow in tpm2_map_response_body()
2021-11-17 09:48:17 +01:00
tpm_atmel.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
2019-06-05 17:37:17 +02:00
tpm_atmel.h
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
2019-06-05 17:37:17 +02:00
tpm_crb.c
tpm_crb: fix fTPM on AMD Zen+ CPUs
2020-10-01 13:17:17 +02:00
tpm_ftpm_tee.c
tpm_ftpm_tee: Free and unregister TEE shared memory during kexec
2021-08-12 13:21:01 +02:00
tpm_ftpm_tee.h
tpm/tpm_ftpm_tee: A driver for firmware TPM running inside TEE
2019-09-02 17:08:35 +03:00
tpm_i2c_atmel.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13
2019-05-21 11:28:45 +02:00
tpm_i2c_infineon.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
2019-06-05 17:37:17 +02:00
tpm_i2c_nuvoton.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13
2019-05-21 11:28:45 +02:00
tpm_ibmvtpm.c
tpm: ibmvtpm: Wait for buffer to be set before proceeding
2020-10-01 13:17:42 +02:00
tpm_ibmvtpm.h
tpm: ibmvtpm: Wait for buffer to be set before proceeding
2020-10-01 13:17:42 +02:00
tpm_infineon.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
2019-06-05 17:37:17 +02:00
tpm_nsc.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
2019-06-05 17:37:17 +02:00
tpm_ppi.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
2019-06-05 17:37:17 +02:00
tpm_tis_core.c
tpm, tpm_tis: Reserve locality in tpm_tis_resume()
2021-05-19 10:08:20 +02:00
tpm_tis_core.h
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
2019-06-05 17:37:17 +02:00
tpm_tis_spi.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
2019-06-05 17:37:17 +02:00
tpm_tis.c
tpm_tis: Disable interrupts on ThinkPad T490s
2020-11-18 19:20:25 +01:00
tpm_vtpm_proxy.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
2019-06-05 17:37:17 +02:00
tpm-chip.c
tpm: Unify the mismatching TPM space buffer sizes
2020-08-19 08:16:27 +02:00
tpm-dev-common.c
tpm: Fix TIS locality timeout problems
2020-07-09 09:37:51 +02:00
tpm-dev.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
2019-06-05 17:37:17 +02:00
tpm-dev.h
tpm: Handle negative priv->response_len in tpm_common_read()
2020-01-14 20:08:21 +01:00
tpm-interface.c
tpm: fix wrong return value in tpm_pcr_extend
2020-04-29 16:33:16 +02:00
tpm-sysfs.c
tpm: Remove a deprecated comments about implicit sysfs locking
2019-09-02 17:08:35 +03:00
tpm.h
tpm: Unify the mismatching TPM space buffer sizes
2020-08-19 08:16:27 +02:00
tpmrm-dev.c
tpm: Unify the mismatching TPM space buffer sizes
2020-08-19 08:16:27 +02:00
xen-tpmfront.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00