4.14-stable review patch.  If anyone has any objections, please let me know.


From: Herbert Xu <herb...@gondor.apana.org.au>

commit 8c9bdab21289c211ca1ca6a5f9b7537b4a600a02 upstream.

The buffer rctx->ext contains potentially sensitive data and should
be freed with kzfree.

Cc: <sta...@vger.kernel.org>
Fixes: 700cb3f5fe75 ("crypto: lrw - Convert to skcipher")
Reported-by: Dan Carpenter <dan.carpen...@oracle.com>
Signed-off-by: Herbert Xu <herb...@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>

 crypto/lrw.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/crypto/lrw.c
+++ b/crypto/lrw.c
@@ -313,7 +313,7 @@ static void exit_crypt(struct skcipher_r
        rctx->left = 0;
        if (rctx->ext)
-               kfree(rctx->ext);
+               kzfree(rctx->ext);
 static int do_encrypt(struct skcipher_request *req, int err)

Reply via email to