Headline
CVE-2023-3108: crypto: fix af_alg_make_sg() conversion to iov_iter · torvalds/linux@9399f0c
A flaw was found in the subsequent get_user_pages_fast in the Linux kernel’s interface for symmetric key cipher algorithms in the skcipher_recvmsg of crypto/algif_skcipher.c function. This flaw allows a local user to crash the system.
Commit
Permalink
Browse files
Browse the repository at this point in the history
crypto: fix af_alg_make_sg() conversion to iov_iter
Commit 1d10eb2 (“crypto: switch af_alg_make_sg() to iov_iter”) broke af_alg_make_sg() and skcipher_recvmsg() in the process of moving them to the iov_iter interfaces. The ‘npages’ calculation in the formar calculated the number of *bytes* in the pages, and in the latter case the conversion didn’t re-read the value of ‘ctx->used’ after waiting for it to become non-zero.
This reverts to the original code for both these cases.
Cc: Al Viro [email protected] Cc: David Miller [email protected] Signed-off-by: Linus Torvalds [email protected]
- Loading branch information