From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linuxfoundation.org ([140.211.169.12]:58414 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932684AbdLRKXR (ORCPT ); Mon, 18 Dec 2017 05:23:17 -0500 Subject: Patch "crypto: algif_aead - fix reference counting of null skcipher" has been added to the 4.14-stable tree To: ebiggers@google.com, gregkh@linuxfoundation.org, herbert@gondor.apana.org.au, smueller@chronox.de, syzkaller@googlegroups.com Cc: , From: Date: Mon, 18 Dec 2017 11:23:17 +0100 Message-ID: <15135925973264@kroah.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ANSI_X3.4-1968 Content-Transfer-Encoding: 8bit Sender: stable-owner@vger.kernel.org List-ID: This is a note to let you know that I've just added the patch titled crypto: algif_aead - fix reference counting of null skcipher to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: crypto-algif_aead-fix-reference-counting-of-null-skcipher.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >>From b32a7dc8aef1882fbf983eb354837488cc9d54dc Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Mon, 27 Nov 2017 23:23:05 -0800 Subject: crypto: algif_aead - fix reference counting of null skcipher From: Eric Biggers commit b32a7dc8aef1882fbf983eb354837488cc9d54dc upstream. In the AEAD interface for AF_ALG, the reference to the "null skcipher" held by each tfm was being dropped in the wrong place -- when each af_alg_ctx was freed instead of when the aead_tfm was freed. As discovered by syzkaller, a specially crafted program could use this to cause the null skcipher to be freed while it is still in use. Fix it by dropping the reference in the right place. Fixes: 72548b093ee3 ("crypto: algif_aead - copy AAD from src to dst") Reported-by: syzbot Signed-off-by: Eric Biggers Reviewed-by: Stephan Mueller Signed-off-by: Herbert Xu Signed-off-by: Greg Kroah-Hartman --- crypto/algif_aead.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/crypto/algif_aead.c +++ b/crypto/algif_aead.c @@ -503,6 +503,7 @@ static void aead_release(void *private) struct aead_tfm *tfm = private; crypto_free_aead(tfm->aead); + crypto_put_default_null_skcipher2(); kfree(tfm); } @@ -535,7 +536,6 @@ static void aead_sock_destruct(struct so unsigned int ivlen = crypto_aead_ivsize(tfm); af_alg_pull_tsgl(sk, ctx->used, NULL, 0); - crypto_put_default_null_skcipher2(); sock_kzfree_s(sk, ctx->iv, ivlen); sock_kfree_s(sk, ctx, ctx->len); af_alg_release_parent(sk); Patches currently in stable-queue which might be from ebiggers@google.com are queue-4.14/crypto-algif_aead-fix-reference-counting-of-null-skcipher.patch queue-4.14/crypto-salsa20-fix-blkcipher_walk-api-usage.patch queue-4.14/crypto-rsa-fix-buffer-overread-when-stripping-leading-zeroes.patch queue-4.14/crypto-hmac-require-that-the-underlying-hash-algorithm-is-unkeyed.patch queue-4.14/crypto-af_alg-fix-null-pointer-dereference-in.patch