APPLIED: [B][C][SRU][PATCH 0/1] crypto: authenc - fix parsing key with misaligned rta_len
Kleber Souza
kleber.souza at canonical.com
Wed Jun 5 15:46:12 UTC 2019
On 5/23/19 7:09 AM, Po-Hsu Lin wrote:
> BugLink: https://bugs.launchpad.net/bugs/1829725
>
> == Justification ==
> From the commit message:
> Keys for "authenc" AEADs are formatted as an rtattr containing a 4-byte
> 'enckeylen', followed by an authentication key and an encryption key.
> crypto_authenc_extractkeys() parses the key to find the inner keys.
>
> However, it fails to consider the case where the rtattr's payload is
> longer than 4 bytes but not 4-byte aligned, and where the key ends
> before the next 4-byte aligned boundary. In this case, 'keylen -=
> RTA_ALIGN(rta->rta_len);' underflows to a value near UINT_MAX. This
> causes a buffer overread and crash during crypto_ahash_setkey().
>
> This error can be easily reproduced with the af_alg06 test in LTP test
> suite. (Basically it's the reproducer in the commit message)
>
> == Fix ==
> 8f9c4693 (crypto: authenc - fix parsing key with misaligned rta_len)
> This patch can be cherry-picked into B/C, and it's already in X/D/E.
>
> == Test ==
> Test kernels could be found here:
> https://people.canonical.com/~phlin/kernel/lp-1829725-afalg06/
>
> Both verified on a KVM node, this issue will no longer exist.
>
> == Regression potential ==
> Low, this patch just improves the checking for rtattr payload size to
> make sure it's the expected size. Also it has been upstream since 2018
> Dec. and applied in some of our kernels. No subsequent bug report was
> filed against it.
>
>
>
> Eric Biggers (1):
> crypto: authenc - fix parsing key with misaligned rta_len
>
> crypto/authenc.c | 14 +++++++++++---
> 1 file changed, 11 insertions(+), 3 deletions(-)
>
Applied to {bionic,cosmic}/master-next branch.
Thanks,
Kleber
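
The length arithmetic described in the quoted justification, as an added userspace example; it is not the kernel's code or part of the original mail. All names are hypothetical, and the strict mode is an assumption modelled on the "expected size" wording under "Regression potential".

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Userspace model with hypothetical names; the header mirrors struct rtattr. */
struct attr_hdr { uint16_t len; uint16_t type; };
#define HDR_SIZE   4u                    /* sizeof(struct attr_hdr) */
#define PARAM_SIZE 4u                    /* the 4-byte enckeylen */
#define ALIGN4(n)  (((n) + 3u) & ~3u)    /* same rounding as RTA_ALIGN */

/* Returns the authentication key length, or -1 if the blob is rejected.
 * strict == 0: any payload >= 4 bytes passes; strict == 1: exactly 4 bytes. */
static long long split_key(const uint8_t *key, uint32_t keylen, int strict)
{
    struct attr_hdr h;
    uint32_t len, enckeylen;

    if (keylen < HDR_SIZE)
        return -1;
    memcpy(&h, key, sizeof(h));
    len = h.len;
    if (len < HDR_SIZE + PARAM_SIZE || len > keylen)
        return -1;                       /* attribute must fit in the buffer */
    if (strict && len - HDR_SIZE != PARAM_SIZE)
        return -1;                       /* misaligned lengths stop here */
    /* enckeylen is big-endian in the first four payload bytes */
    enckeylen = ((uint32_t)key[4] << 24) | ((uint32_t)key[5] << 16) |
                ((uint32_t)key[6] << 8) | key[7];
    keylen -= ALIGN4(len);               /* len 9, keylen 9: 9 - 12 wraps */
    if (keylen < enckeylen)
        return -1;                       /* a wrapped keylen passes this test */
    return (long long)(keylen - enckeylen);
}

/* Constructed sample blob: header claiming attr_len bytes, enckeylen = 16. */
static long long authlen_for(uint16_t attr_len, uint32_t keylen, int strict)
{
    uint8_t buf[64] = {0};
    struct attr_hdr h = { attr_len, 1 }; /* type value is a placeholder */

    memcpy(buf, &h, sizeof(h));
    buf[7] = 16;
    return split_key(buf, keylen, strict);
}

int main(void)
{
    printf("misaligned, loose:  %lld\n", authlen_for(9, 9, 0));
    printf("misaligned, strict: %lld\n", authlen_for(9, 9, 1));
    return 0;
}
```

In the loose mode the 9-byte blob yields an authentication key length just under UINT_MAX, which is the length that would then be handed to the hash setkey step; the strict mode rejects the same blob before any subtraction.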