Kernel/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2025-01-19 12:00:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
linux-stable/net/tls
History
Sabrina Dubroca 32b55c5ff9 net: tls: fix use-after-free with partial reads and async decrypt 
tls_decrypt_sg doesn't take a reference on the pages from clear_skb,
so the put_page() in tls_decrypt_done releases them, and we trigger
a use-after-free in process_rx_list when we try to read from the
partially-read skb.

Fixes: fd31f3996af2 ("tls: rx: decrypt into a fresh skb")
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Reviewed-by: Simon Horman <horms@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2024-02-10 21:38:19 +00:00
..
Kconfig
net/tls: Select SOCK_RX_QUEUE_MAPPING from TLS_DEVICE
2021-02-11 19:08:06 -08:00
Makefile
tls: rx: async: hold onto the input skb
2022-07-18 11:24:11 +01:00
tls_device_fallback.c
tls: rename MAX_IV_SIZE to TLS_MAX_IV_SIZE
2023-10-13 11:26:09 +01:00
tls_device.c
tls: don't reset prot->aad_size and prot->tail_size for TLS_HW
2023-10-23 10:15:09 -07:00
tls_main.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2023-10-19 13:29:01 -07:00
tls_proc.c
tls: rx: add counter for NoPad violations
2022-07-11 19:48:33 -07:00
tls_strp.c
net/tls: Use tcp_read_sock() instead of ops->read_sock()
2023-07-27 19:49:35 -07:00
tls_sw.c
net: tls: fix use-after-free with partial reads and async decrypt
2024-02-10 21:38:19 +00:00
tls_toe.c
tls: create an internal header
2022-07-08 18:38:45 -07:00
tls.h
tls: don't reset prot->aad_size and prot->tail_size for TLS_HW
2023-10-23 10:15:09 -07:00
trace.c
trace.h