admin/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2025-12-07 20:06:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
6e9722e9a7bfe1bbad649937c811076acf86e1fd
linux/security
History
Jarkko Sakkinen 6e9722e9a7 tpm2-sessions: Fix out of range indexing in name_size 
'name_size' does not have any range checks, and it just directly indexes
with TPM_ALG_ID, which could lead into memory corruption at worst.

Address the issue by only processing known values and returning -EINVAL for
unrecognized values.

Make also 'tpm_buf_append_name' and 'tpm_buf_fill_hmac_session' fallible so
that errors are detected before causing any spurious TPM traffic.

End also the authorization session on failure in both of the functions, as
the session state would be then by definition corrupted.

Cc: stable@vger.kernel.org # v6.10+
Fixes: 1085b8276b ("tpm: Add the rest of the session HMAC API")
Reviewed-by: Jonathan McDowell <noodles@meta.com>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
2025-12-05 06:31:07 +02:00
..
apparmor
Merge tag 'lsm-pr-20251201' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm
2025-12-03 09:53:48 -08:00
bpf
lsm: replace the name field with a pointer to the lsm_id struct
2025-10-22 19:24:18 -04:00
integrity
Merge tag 'integrity-v6.19' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity
2025-12-03 11:08:03 -08:00
ipe
Merge tag 'ipe-pr-20251202' of git://git.kernel.org/pub/scm/linux/kernel/git/wufan/ipe
2025-12-03 11:19:34 -08:00
keys
tpm2-sessions: Fix out of range indexing in name_size
2025-12-05 06:31:07 +02:00
landlock
Merge tag 'lsm-pr-20251201' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm
2025-12-03 09:53:48 -08:00
loadpin
loadpin: move initcalls to the LSM framework
2025-10-22 19:24:25 -04:00
lockdown
lockdown: move initcalls to the LSM framework
2025-10-22 19:24:27 -04:00
safesetid
safesetid: move initcalls to the LSM framework
2025-10-22 19:24:26 -04:00
selinux
Merge tag 'integrity-v6.19' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity
2025-12-03 11:08:03 -08:00
smack
Merge tag 'Smack-for-6.19' of https://github.com/cschaufler/smack-next
2025-12-03 10:58:59 -08:00
tomoyo
tomoyo: move initcalls to the LSM framework
2025-10-22 19:24:26 -04:00
yama
lsm: replace the name field with a pointer to the lsm_id struct
2025-10-22 19:24:18 -04:00
commoncap.c
Merge tag 'caps-pr-20251204' of git://git.kernel.org/pub/scm/linux/kernel/git/sergeh/linux
2025-12-04 20:10:28 -08:00
device_cgroup.c
device_cgroup: Refactor devcgroup_seq_show to use seq_put* helpers
2025-11-11 19:47:24 -05:00
inode.c
lsm: consolidate all of the LSM framework initcalls
2025-10-22 19:24:28 -04:00
Kconfig
lsm: CONFIG_LSM can depend on CONFIG_SECURITY
2025-09-11 16:32:04 -04:00
Kconfig.hardening
rust: add bitmap API.
2025-09-22 15:52:44 -04:00
lsm_audit.c
net: Retire DCCP socket.
2025-04-11 18:58:10 -07:00
lsm_init.c
lsm: use unrcu_pointer() for current->cred in security_init()
2025-11-19 10:32:06 -05:00
lsm_notifier.c
lsm: split the notifier code out into lsm_notifier.c
2025-10-22 19:24:15 -04:00
lsm_syscalls.c
lsm: rework lsm_active_cnt and lsm_idlist[]
2025-10-22 19:24:19 -04:00
lsm.h
lsm: consolidate all of the LSM framework initcalls
2025-10-22 19:24:28 -04:00
Makefile
lsm: split the init code out into lsm_init.c
2025-10-22 19:24:16 -04:00
min_addr.c
lsm: consolidate all of the LSM framework initcalls
2025-10-22 19:24:28 -04:00
security.c
lsm: cleanup the debug and console output in lsm_init.c
2025-10-22 19:24:23 -04:00