From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sender-op-o17.zoho.eu (sender-op-o17.zoho.eu [136.143.169.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E336C2D3220 for ; Sat, 11 Jul 2026 07:54:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=pass smtp.client-ip=136.143.169.17 ARC-Seal:i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1783756458; cv=pass; b=dLN7ZsriVEk2gybLSRuPMmLErCu1R2epLVUedfwDy+S8uEuY8+Mj/qn8Ltq0hxPdt3XXwXLdmQTjYitbjki6dxva6JHAzeqX1DaWj3CHTfo1GqlG3GwZPxfmEaNaMJs3I1WR5Lpkv1xgye6C6eozGrOvDP6lM5XPoLENmQtfIcE= ARC-Message-Signature:i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1783756458; c=relaxed/simple; bh=Yq9ugPgqSi+vvCA2JUOrVgCq0uNPuvnlAUK0ndk5THo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=HnIwyp5KT+vOk+gOVIERy/uVUOiVdA3fu6lrtoR0YZ91CbLPkVunkaFsYFYh8iQgoNui6yw6g/iQrHlOvCpy/EfNsU/clztC18BsTIw+zO3U3rgmkaBirHV19GqY5WdzCJFlP3dTqrqAG4mJVB6+0U7Yg+37dOknGaIGEObBBhw= ARC-Authentication-Results:i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=auditcode.ai; spf=pass smtp.mailfrom=auditcode.ai; dkim=pass (1024-bit key) header.d=auditcode.ai header.i=security@auditcode.ai header.b=CU0fpnAq; arc=pass smtp.client-ip=136.143.169.17 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=auditcode.ai Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=auditcode.ai Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=auditcode.ai header.i=security@auditcode.ai header.b="CU0fpnAq" ARC-Seal: i=1; a=rsa-sha256; t=1783756429; cv=none; d=zohomail.eu; s=zohoarc; b=XGjAkknBmAke5pGc1MBdG5w2FJOAxojSYgb8KVm4SzSWCVfvTMaBXOENz9IgiXSA6REdPBFzJHgVUs4Ldu+4n0EgC+Jf6hD/CBfcU5p53x7T/XOMcYLOnGLnbQyFxBn5tYaBsles9wy5RSjxPXqyP29u4SToyI6FaMDhUXsk2bo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.eu; s=zohoarc; t=1783756429; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:Subject:To:To:Message-Id:Reply-To; bh=Yq9ugPgqSi+vvCA2JUOrVgCq0uNPuvnlAUK0ndk5THo=; b=fVFI5v/SEafWpVuKoIW/1r81qOoTGecy5jE8yphTcKYGzK2t3fY7Bg1KfgV92FvbMjfgylkDHyEXC8NBaQlpGGAppBNTNfD5YvJ0AKkOCm5nEckqWguTALKu1u8S4xhdB9Eic8a7W2w2Num/8VjAtP/aqyfn97tk0gkTaSyBB08= ARC-Authentication-Results: i=1; mx.zohomail.eu; dkim=pass header.i=auditcode.ai; spf=pass smtp.mailfrom=security@auditcode.ai; dmarc=pass header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1783756429; s=zmail; d=auditcode.ai; i=security@auditcode.ai; h=From:From:To:To:Cc:Cc:Subject:Subject:Date:Date:Message-ID:In-Reply-To:References:MIME-Version:Content-Transfer-Encoding:Message-Id:Reply-To; bh=Yq9ugPgqSi+vvCA2JUOrVgCq0uNPuvnlAUK0ndk5THo=; b=CU0fpnAqscKwgEh5QP3XjwHlNryiaLNT+7jzxCdw4jf/CysdDy4WAY4vXxo8g0wv 8AgsGYg282CLbEVk3puwfhJiPAemexcn+lZbqSK55RpMjhTIyYIb+S+kRUls4RUuWTi sQ0giJjguMBDgnvr7ywE+JyZSB1JeJZy/1RW1oGk= Received: by mx.zoho.eu with SMTPS id 17837564262591023.3003370679169; Sat, 11 Jul 2026 09:53:46 +0200 (CEST) From: Ibrahim Hashimov To: hare@suse.de, hch@lst.de, sagi@grimberg.me, kch@nvidia.com Cc: linux-nvme@lists.infradead.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] nvmet-auth: fix uninitialized-memory leak in AUTH_RECEIVE Date: Sat, 11 Jul 2026 09:53:42 +0200 Message-ID: <20260711075342.54787-1-security@auditcode.ai> X-Mailer: git-send-email 2.50.1 In-Reply-To: <20260709132520.44160-1-security@auditcode.ai> References: <20260709132520.44160-1-security@auditcode.ai> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-ZohoMailClient: External Please disregard this patch -- it duplicates Bryam Vargas's "nvmet-auth: zero the AUTH_RECEIVE response buffer" (https://lore.kernel.org/linux-nvme/20260702-b4-disp-127414cf-v1-1-e5395cc0f9ae@proton.me/), which fixes the same uninitialized-memory leak with the same kmalloc() -> kzalloc() change and the same Fixes: tag, and already has Christoph's Reviewed-by. I missed it before sending; sorry for the noise. Ibrahim