[PATCH] crypto: fix OOB read in pefile_digest_pe

Linux cryptographic layer development
 help / color / mirror / Atom feed

* [PATCH] crypto: fix OOB read in pefile_digest_pe_contents
@ 2026-04-30 17:36 Weiming Shi
  2026-05-05  5:46 ` Herbert Xu
  0 siblings, 1 reply; 4+ messages in thread
From: Weiming Shi @ 2026-04-30 17:36 UTC (permalink / raw)
  To: David Howells, Lukas Wunner, Ignat Korchagin, Herbert Xu,
	David S . Miller
  Cc: Vivek Goyal, Kees Cook, keyrings, linux-crypto, Xiang Mei,
	Weiming Shi

pefile_digest_pe_contents() computes the trailing-data hash length as
pelen - (hashed_bytes + certs_size). A crafted PE can make the addition
exceed pelen, causing the unsigned subtraction to underflow to ~4 GiB.
This is passed to crypto_shash_update() which reads out of bounds and
panics on unmapped vmalloc guard pages.

 BUG: unable to handle page fault for address: ffffc900038d8000
 Oops: Oops: 0000 [#1] SMP KASAN NOPTI
 RIP: 0010:sha256_blocks_generic (lib/crypto/sha256.c:152)
 Call Trace:
  <TASK>
  __sha256_update (lib/crypto/sha256.c:208)
  crypto_sha256_update (crypto/sha256.c:142)
  verify_pefile_signature (crypto/asymmetric_keys/verify_pefile.c:436)
  kexec_kernel_verify_pe_sig (kernel/kexec_file.c:151)
  __do_sys_kexec_file_load (kernel/kexec_file.c:406)
  do_syscall_64 (arch/x86/entry/syscall_64.c:94)
  entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:121)
  </TASK>
 Kernel panic - not syncing: Fatal exception

Validate that the addition does not overflow and the result does not
exceed pelen before the subtraction. Return -ELIBBAD on failure.

Fixes: af316fc442ef ("pefile: Digest the PE binary and compare to the PKCS#7 data")
Reported-by: Xiang Mei <xmei5@asu.edu>
Signed-off-by: Weiming Shi <bestswngs@gmail.com>
---
 crypto/asymmetric_keys/verify_pefile.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/crypto/asymmetric_keys/verify_pefile.c b/crypto/asymmetric_keys/verify_pefile.c
index 1f3b227ba7f2..cec99db14129 100644
--- a/crypto/asymmetric_keys/verify_pefile.c
+++ b/crypto/asymmetric_keys/verify_pefile.c
@@ -305,6 +305,8 @@ static int pefile_digest_pe_contents(const void *pebuf, unsigned int pelen,
 
 	if (pelen > hashed_bytes) {
 		tmp = hashed_bytes + ctx->certs_size;
+		if (tmp <= hashed_bytes || pelen < tmp)
+			return -ELIBBAD;
 		ret = crypto_shash_update(desc,
 					  pebuf + hashed_bytes,
 					  pelen - tmp);
-- 
2.43.0


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH] crypto: fix OOB read in pefile_digest_pe_contents
  2026-04-30 17:36 [PATCH] crypto: fix OOB read in pefile_digest_pe_contents Weiming Shi
@ 2026-05-05  5:46 ` Herbert Xu
  2026-05-05  7:12   ` Weiming Shi
  0 siblings, 1 reply; 4+ messages in thread
From: Herbert Xu @ 2026-05-05  5:46 UTC (permalink / raw)
  To: Weiming Shi
  Cc: David Howells, Lukas Wunner, Ignat Korchagin, David S . Miller,
	Vivek Goyal, Kees Cook, keyrings, linux-crypto, Xiang Mei,
	Jarkko Sakkinen, James Bottomley, Mimi Zohar

> 
> diff --git a/crypto/asymmetric_keys/verify_pefile.c b/crypto/asymmetric_keys/verify_pefile.c
> index 1f3b227ba7f2..cec99db14129 100644
> --- a/crypto/asymmetric_keys/verify_pefile.c
> +++ b/crypto/asymmetric_keys/verify_pefile.c
> @@ -305,6 +305,8 @@ static int pefile_digest_pe_contents(const void *pebuf, unsigned int pelen,
>  
>  	if (pelen > hashed_bytes) {
>  		tmp = hashed_bytes + ctx->certs_size;
> +		if (tmp <= hashed_bytes || pelen < tmp)
> +			return -ELIBBAD;

I know nothing about this but why should pelen == tmp fail?

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] crypto: fix OOB read in pefile_digest_pe_contents
  2026-05-05  5:46 ` Herbert Xu
@ 2026-05-05  7:12   ` Weiming Shi
  2026-05-05  8:23     ` Herbert Xu
  0 siblings, 1 reply; 4+ messages in thread
From: Weiming Shi @ 2026-05-05  7:12 UTC (permalink / raw)
  To: Herbert Xu
  Cc: David Howells, Lukas Wunner, Ignat Korchagin, David S . Miller,
	Vivek Goyal, Kees Cook, keyrings, linux-crypto, Xiang Mei,
	Jarkko Sakkinen, James Bottomley, Mimi Zohar

On 26-05-05 13:46, Herbert Xu wrote:
> > 
> > diff --git a/crypto/asymmetric_keys/verify_pefile.c b/crypto/asymmetric_keys/verify_pefile.c
> > index 1f3b227ba7f2..cec99db14129 100644
> > --- a/crypto/asymmetric_keys/verify_pefile.c
> > +++ b/crypto/asymmetric_keys/verify_pefile.c
> > @@ -305,6 +305,8 @@ static int pefile_digest_pe_contents(const void *pebuf, unsigned int pelen,
> >  
> >  	if (pelen > hashed_bytes) {
> >  		tmp = hashed_bytes + ctx->certs_size;
> > +		if (tmp <= hashed_bytes || pelen < tmp)
> > +			return -ELIBBAD;
> 
> I know nothing about this but why should pelen == tmp fail?
> 
> Cheers,
> -- 
> Email: Herbert Xu <herbert@gondor.apana.org.au>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Hi Herbert,

Do you mean this should be `pelen <= tmp` ?

pelen == tmp means the cert table sits right at EOF with no trailing data 
in between - that's a legitimate layout.

Weiming Shi

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] crypto: fix OOB read in pefile_digest_pe_contents
  2026-05-05  7:12   ` Weiming Shi
@ 2026-05-05  8:23     ` Herbert Xu
  0 siblings, 0 replies; 4+ messages in thread
From: Herbert Xu @ 2026-05-05  8:23 UTC (permalink / raw)
  To: Weiming Shi
  Cc: David Howells, Lukas Wunner, Ignat Korchagin, David S . Miller,
	Vivek Goyal, Kees Cook, keyrings, linux-crypto, Xiang Mei,
	Jarkko Sakkinen, James Bottomley, Mimi Zohar

On Tue, May 05, 2026 at 03:12:35PM +0800, Weiming Shi wrote:
>
> Do you mean this should be `pelen <= tmp` ?
> 
> pelen == tmp means the cert table sits right at EOF with no trailing data 
> in between - that's a legitimate layout.

Nevermind, I misread the patch.

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2026-05-05  8:24 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-04-30 17:36 [PATCH] crypto: fix OOB read in pefile_digest_pe_contents Weiming Shi
2026-05-05  5:46 ` Herbert Xu
2026-05-05  7:12   ` Weiming Shi
2026-05-05  8:23     ` Herbert Xu

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox