averello/linux-stable-mirror
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2026-04-03 12:05:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
0da170b9e600da6930cfb8352e4cc036db3b6159
linux-stable-mirror/crypto/asymmetric_keys
History
Thorsten Blum c73be4f51e crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id 
[ Upstream commit df0845cf44 ]

Use check_add_overflow() to guard against potential integer overflows
when adding the binary blob lengths and the size of an asymmetric_key_id
structure and return ERR_PTR(-EOVERFLOW) accordingly. This prevents a
possible buffer overflow when copying data from potentially malicious
X.509 certificate fields that can be arbitrarily large, such as ASN.1
INTEGER serial numbers, issuer names, etc.

Fixes: 7901c1a8ef ("KEYS: Implement binary asymmetric key ID handling")
Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
Reviewed-by: Lukas Wunner <lukas@wunner.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2025-12-18 13:54:47 +01:00
..
asymmetric_keys.h
asymmetric_type.c
crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id
2025-12-18 13:54:47 +01:00
Kconfig
certs: Add ECDSA signature verification self-test
2024-05-14 05:01:04 +03:00
Makefile
certs: Add ECDSA signature verification self-test
2024-05-14 05:01:04 +03:00
mscode_parser.c
mscode.asn1
pkcs7_key_type.c
pkcs7_parser.c
crypto: sm2 - Remove sm2 algorithm
2024-06-07 19:46:39 +08:00
pkcs7_parser.h
pkcs7_trust.c
pkcs7_verify.c
pkcs7.asn1
pkcs8_parser.c
pkcs8.asn1
public_key.c
crypto: sm2 - Remove sm2 algorithm
2024-06-07 19:46:39 +08:00
restrict.c
selftest_ecdsa.c
certs: Add ECDSA signature verification self-test
2024-05-14 05:01:04 +03:00
selftest_rsa.c
selftest.c
certs: Add ECDSA signature verification self-test
2024-05-14 05:01:04 +03:00
selftest.h
certs: Add ECDSA signature verification self-test
2024-05-14 05:01:04 +03:00
signature.c
verify_pefile.c
verify_pefile.h
x509_akid.asn1
x509_cert_parser.c
KEYS: X.509: Fix Basic Constraints CA flag parsing
2025-10-15 12:00:18 +02:00
x509_loader.c
x509_parser.h
x509_public_key.c
crypto: sm2 - Remove sm2 algorithm
2024-06-07 19:46:39 +08:00
x509.asn1