[Buildroot] [PATCH 1/1] package/cryptsetup: security bump to version 2.3.4

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Peter Korsgaard <peter@korsgaard.com>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH 1/1] package/cryptsetup: security bump to version 2.3.4
Date: Fri, 30 Oct 2020 09:27:52 +0100	[thread overview]
Message-ID: <877dr8f793.fsf@dell.be.48ers.dk> (raw)
In-Reply-To: <20201025143912.1273561-1-fontaine.fabrice@gmail.com> (Fabrice Fontaine's message of "Sun, 25 Oct 2020 15:39:12 +0100")

>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:

 > Fix CVE-2020-14382: A vulnerability was found in upstream release
 > cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code,
 > that is effectively invoked on every device/image presenting itself as
 > LUKS2 container. The bug is in segments validation code in file
 > 'lib/luks2/luks2_json_metadata.c' in function
 > hdr_validate_segments(struct crypt_device *cd, json_object *hdr_jobj)
 > where the code does not check for possible overflow on memory allocation
 > used for intervals array (see statement "intervals = malloc(first_backup
 > * sizeof(*intervals));"). Due to the bug, library can be *tricked* to
 > expect such allocation was successful but for far less memory then
 > originally expected. Later it may read data FROM image crafted by an
 > attacker and actually write such data BEYOND allocated memory.

 > https://mirrors.edge.kernel.org/pub/linux/utils/cryptsetup/v2.3/v2.3.4-ReleaseNotes

 > Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>

Committed to 2020.08.x, thanks.

For 2020.02.x I will instead backport the fixes.

-- 
Bye, Peter Korsgaard

     prev parent reply	other threads:[~2020-10-30  8:27 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-10-25 14:39 [Buildroot] [PATCH 1/1] package/cryptsetup: security bump to version 2.3.4 Fabrice Fontaine
2020-10-25 14:55 ` Thomas Petazzoni
2020-10-30  8:27 ` Peter Korsgaard [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=877dr8f793.fsf@dell.be.48ers.dk \
    --to=peter@korsgaard.com \
    --cc=buildroot@busybox.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.