Files
linux-stable-mirror/crypto
Thorsten Blum c13c6e9de9 crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id
[ Upstream commit df0845cf44 ]

Use check_add_overflow() to guard against potential integer overflows
when adding the binary blob lengths and the size of an asymmetric_key_id
structure and return ERR_PTR(-EOVERFLOW) accordingly. This prevents a
possible buffer overflow when copying data from potentially malicious
X.509 certificate fields that can be arbitrarily large, such as ASN.1
INTEGER serial numbers, issuer names, etc.

Fixes: 7901c1a8ef ("KEYS: Implement binary asymmetric key ID handling")
Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
Reviewed-by: Lukas Wunner <lukas@wunner.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2026-01-19 13:09:24 +01:00
..
2022-08-17 14:24:19 +02:00
2022-08-17 14:24:19 +02:00
2023-03-10 09:39:11 +01:00
2024-10-17 15:10:42 +02:00