From: Thomas Monjalon <thomas@monjalon.net>
To: Maxime Coquelin <maxime.coquelin@redhat.com>,
Chenbo Xia <chenbo.xia@intel.com>,
Zhihong Wang <zhihong.wang@intel.com>,
Jay Zhou <jianjay.zhou@huawei.com>,
Fan Zhang <roy.fan.zhang@intel.com>,
Ferruh Yigit <ferruh.yigit@intel.com>
Cc: stable@dpdk.org, dev@dpdk.org
Subject: Re: [dpdk-dev] [dpdk-stable] [PATCH 6/6] vhost/crypto: fix possible TOCTOU attack
Date: Mon, 28 Sep 2020 17:19:14 +0200 [thread overview]
Message-ID: <3132418.IDjBfVWYWf@thomas> (raw)
In-Reply-To: <20200928105918.740807-6-ferruh.yigit@intel.com>
> From: Fan Zhang <roy.fan.zhang@intel.com>
>
> This patch fixes the possible time-of-check to time-of-use (TOCTOU)
> attack problem by copying request data and descriptor index to local
> variable prior to process.
>
> Also the original sequential read of descriptors may lead to TOCTOU
> attack. This patch fixes the problem by loading all descriptors of a
> request to local buffer before processing.
>
> CVE-2020-14375
> Fixes: 3bb595ecd682 ("vhost/crypto: add request handler")
> Cc: stable@dpdk.org
>
> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
> Acked-by: Chenbo Xia <chenbo.xia@intel.com>
Series applied in the main repository, thanks.
prev parent reply other threads:[~2020-09-28 15:19 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-28 10:59 [dpdk-dev] [PATCH 1/6] vhost/crypto: fix pool allocation Ferruh Yigit
2020-09-28 10:59 ` [dpdk-dev] [PATCH 2/6] vhost/crypto: fix incorrect descriptor deduction Ferruh Yigit
2020-09-28 10:59 ` [dpdk-dev] [PATCH 3/6] vhost/crypto: fix missed request check for copy mode Ferruh Yigit
2020-09-28 10:59 ` [dpdk-dev] [PATCH 4/6] vhost/crypto: fix incorrect write back source Ferruh Yigit
2020-09-28 10:59 ` [dpdk-dev] [PATCH 5/6] vhost/crypto: fix data length check Ferruh Yigit
2020-09-28 10:59 ` [dpdk-dev] [PATCH 6/6] vhost/crypto: fix possible TOCTOU attack Ferruh Yigit
2020-09-28 15:19 ` Thomas Monjalon [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3132418.IDjBfVWYWf@thomas \
--to=thomas@monjalon.net \
--cc=chenbo.xia@intel.com \
--cc=dev@dpdk.org \
--cc=ferruh.yigit@intel.com \
--cc=jianjay.zhou@huawei.com \
--cc=maxime.coquelin@redhat.com \
--cc=roy.fan.zhang@intel.com \
--cc=stable@dpdk.org \
--cc=zhihong.wang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.