What's the practical impact of this? Could an attacker kill the machine?
On Wed, 30 Jan 2013, Kasatkin, Dmitry wrote: > On Fri, Jan 25, 2013 at 4:54 PM, Dmitry Kasatkin > <[email protected]> wrote: > > From: YOSHIFUJI Hideaki <[email protected]> > > > > digsig_verify_rsa() does not free kmalloc'ed buffer returned by > > mpi_get_buffer(). > > > > Signed-off-by: YOSHIFUJI Hideaki <[email protected]> > > Signed-off-by: Dmitry Kasatkin <[email protected]> > > Cc: [email protected] > > --- > > lib/digsig.c | 2 ++ > > 1 file changed, 2 insertions(+) > > > > diff --git a/lib/digsig.c b/lib/digsig.c > > index 8c0e629..dc2be7e 100644 > > --- a/lib/digsig.c > > +++ b/lib/digsig.c > > @@ -162,6 +162,8 @@ static int digsig_verify_rsa(struct key *key, > > memset(out1, 0, head); > > memcpy(out1 + head, p, l); > > > > + kfree(p); > > + > > err = pkcs_1_v1_5_decode_emsa(out1, len, mblen, out2, &len); > > if (err) > > goto err; > > -- > > 1.7.10.4 > > > > James, can you please apply this patch. > > - Dmitry > -- James Morris <[email protected]> -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
