Re: [PATCH] X.509: Fix the time validation [ver #3]

From: Alexander Holler
Date: Thu Dec 10 2015 - 04:23:53 EST


On 12.11.2015 at 12:38, David Howells wrote:
> This fixes CVE-2015-5327. It affects kernels from 4.3-rc1 onwards.
>
> Fix the X.509 time validation to use month number-1 when looking up the
> number of days in that month. Also put the month number validation before
> doing the lookup so as not to risk overrunning the array.

I've just run into this with 4.3.1 (mon_len ended up with 0 because of the wrong index). Which means currently built stable kernels with signature verification might not load modules (depending on which value the invalid index mon_len (12) ends up with).

Regards,

Alexander Holler

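The indexing error described in the quoted patch text, as an added C example (not the kernel's code and not part of this thread). The function names and the `overrun` flag are hypothetical; the pre-fix variant is a model that reports the out-of-bounds index instead of performing the read.

```c
#include <stdbool.h>
#include <stddef.h>

/* Days per month for a non-leap year; index 0 is January. */
static const unsigned char month_lengths[12] = {
    31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31
};

static bool is_leap_year(unsigned year)
{
    return (year % 4 == 0 && year % 100 != 0) || year % 400 == 0;
}

/* Fixed order: range-check the month first, then look up with mon - 1. */
bool date_valid_fixed(unsigned year, unsigned mon, unsigned day)
{
    unsigned mon_len;

    if (mon < 1 || mon > 12)
        return false;
    mon_len = month_lengths[mon - 1];
    if (mon == 2 && is_leap_year(year))
        mon_len = 29;
    return day >= 1 && day <= mon_len;
}

/*
 * Model of the pre-fix behaviour (assumption: lookup first, month check
 * afterwards, 1-based month used directly as the index). Rather than read
 * past the array, the model sets *overrun and rejects the date.
 */
bool date_valid_prefix_model(unsigned year, unsigned mon, unsigned day,
                             bool *overrun)
{
    size_t idx = mon;                 /* bug: should be mon - 1 */
    unsigned mon_len;

    *overrun = idx >= sizeof(month_lengths) / sizeof(month_lengths[0]);
    if (*overrun)
        return false;                 /* real code would read index 12 here */
    mon_len = month_lengths[idx];     /* length of the *following* month */
    if (mon == 2 && is_leap_year(year))
        mon_len = 29;
    return mon >= 1 && day >= 1 && day <= mon_len;
}
```

With the wrong index, a day is checked against the following month's length, so 31 January and 31 March are rejected, and every December date indexes one element past the table.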