subject:"\[PATCH AUTOSEL for 4.9 085\/190\] infiniband\/uverbs\: Fix integer overflows"

[PATCH AUTOSEL for 4.9 085/190] infiniband/uverbs: Fix integer overflows

2018-03-07 Thread Sasha Levin

From: Vlad Tsyrklevich [ Upstream commit 4f7f4dcfff2c19debbcdbcc861c325610a15e0c5 ] The 'num_sge' variable is verfied to be smaller than the 'sge_count' variable; however, since both are user-controlled it's possible to cause an integer overflow for the kmalloc multiply on

[PATCH AUTOSEL for 4.9 085/190] infiniband/uverbs: Fix integer overflows

2018-03-07 Thread Sasha Levin

From: Vlad Tsyrklevich [ Upstream commit 4f7f4dcfff2c19debbcdbcc861c325610a15e0c5 ] The 'num_sge' variable is verfied to be smaller than the 'sge_count' variable; however, since both are user-controlled it's possible to cause an integer overflow for the kmalloc multiply on 32-bit platforms