[linux] 01/01: crypto: ecc - Fix NULL pointer deref. on no default_rng

debian-kernel at lists.debian.org debian-kernel at lists.debian.org
Fri Feb 2 19:44:19 UTC 2018


This is an automated email from the git hooks/post-receive script.

carnil pushed a commit to branch sid
in repository linux.

commit a870b2741a738d8caa1a3adf50167defd102f9c4
Author: Salvatore Bonaccorso <carnil at debian.org>
Date:   Fri Feb 2 20:42:12 2018 +0100

    crypto: ecc - Fix NULL pointer deref. on no default_rng
    
    Closes: #886556
---
 debian/changelog                                   |  1 +
 ...fix-null-pointer-deref.-on-no-default_rng.patch | 37 ++++++++++++++++++++++
 debian/patches/series                              |  1 +
 3 files changed, 39 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 3639814..86ddb53 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -274,6 +274,7 @@ linux (4.14.16-1) UNRELEASED; urgency=medium
   * loop: fix concurrent lo_open/lo_release (CVE-2018-5344)
   * [rt] Update to 4.14.15-rt11
   * [rt] Update to 4.14.15-rt13
+  * crypto: ecc - Fix NULL pointer deref. on no default_rng (Closes: #886556)
 
   [ Ben Hutchings ]
   * bpf: Avoid ABI change in 4.14.14
diff --git a/debian/patches/bugfix/all/crypto-ecc-fix-null-pointer-deref.-on-no-default_rng.patch b/debian/patches/bugfix/all/crypto-ecc-fix-null-pointer-deref.-on-no-default_rng.patch
new file mode 100644
index 0000000..4538ab6
--- /dev/null
+++ b/debian/patches/bugfix/all/crypto-ecc-fix-null-pointer-deref.-on-no-default_rng.patch
@@ -0,0 +1,37 @@
+From: Pierre <pinaraf at pinaraf.info>
+Date: Sun, 12 Nov 2017 15:24:32 +0100
+Subject: crypto: ecc - Fix NULL pointer deref. on no default_rng
+Origin: https://git.kernel.org/linus/4c0e22c90510308433272d7ba281b1eb4eda8209
+Bug-Debian: https://bugs.debian.org/886556
+
+If crypto_get_default_rng returns an error, the
+function ecc_gen_privkey should return an error.
+Instead, it currently tries to use the default_rng
+nevertheless, thus creating a kernel panic with a
+NULL pointer dereference.
+Returning the error directly, as was supposedly
+intended when looking at the code, fixes this.
+
+Signed-off-by: Pierre Ducroquet <pinaraf at pinaraf.info>
+Reviewed-by: PrasannaKumar Muralidharan <prasannatsmkumar at gmail.com>
+Signed-off-by: Herbert Xu <herbert at gondor.apana.org.au>
+---
+ crypto/ecc.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/crypto/ecc.c b/crypto/ecc.c
+index 633a9bcdc574..18f32f2a5e1c 100644
+--- a/crypto/ecc.c
++++ b/crypto/ecc.c
+@@ -964,7 +964,7 @@ int ecc_gen_privkey(unsigned int curve_id, unsigned int ndigits, u64 *privkey)
+ 	 * DRBG with a security strength of 256.
+ 	 */
+ 	if (crypto_get_default_rng())
+-		err = -EFAULT;
++		return -EFAULT;
+ 
+ 	err = crypto_rng_get_bytes(crypto_default_rng, (u8 *)priv, nbytes);
+ 	crypto_put_default_rng();
+-- 
+2.11.0
+
diff --git a/debian/patches/series b/debian/patches/series
index 8825ed6..a8864c4 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -82,6 +82,7 @@ bugfix/all/i40e-i40evf-organize-and-re-number-feature-flags.patch
 bugfix/all/i40e-fix-flags-declaration.patch
 bugfix/all/xen-time-do-not-decrease-steal-time-after-live-migra.patch
 debian/revert-objtool-fix-config_stack_validation-y-warning.patch
+bugfix/all/crypto-ecc-fix-null-pointer-deref.-on-no-default_rng.patch
 
 # Miscellaneous features
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git



More information about the Kernel-svn-changes mailing list