mirror/android_kernel_fxtec_sm6115
3
0
Fork 0
mirror of https://github.com/LineageOS/android_kernel_fxtec_sm6115.git synced 2026-04-02 06:23:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
e90e56ff2931bb1e57777fc3c49db626278ff65f
android_kernel_fxtec_sm6115/crypto
History
Taeyang Lee 949e09166d crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec 
[ Upstream commit 2397e9264676be7794f8f7f1e9763d90bd3c7335 ]

authencesn assumes an ESP/ESN-formatted AAD. When assoclen is shorter than
the minimum expected length, crypto_authenc_esn_decrypt() can advance past
the end of the destination scatterlist and trigger a NULL pointer dereference
in scatterwalk_map_and_copy(), leading to a kernel panic (DoS).

Add a minimum AAD length check to fail fast on invalid inputs.

Fixes: 104880a6b4 ("crypto: authencesn - Convert to new AEAD interface")
Reported-By: Taeyang Lee <0wn@theori.io>
Signed-off-by: Taeyang Lee <0wn@theori.io>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Ulrich Hecht <uli@kernel.org>
2026-02-20 13:22:31 +08:00
..
asymmetric_keys
crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id
2026-01-26 16:51:55 +08:00
async_tx
842.c
ablkcipher.c
crypto: ablkcipher - fix crash flushing dcache in error path
2018-08-03 18:06:04 +08:00
acompress.c
aead.c
crypto: aead,cipher - zeroize key buffer after use
2024-11-08 16:19:08 +01:00
aegis128.c
crypto: aegis - fix handling chunked inputs
2019-03-23 20:09:54 +01:00
aegis128l.c
crypto: aegis - fix handling chunked inputs
2019-03-23 20:09:54 +01:00
aegis256.c
crypto: aegis - fix handling chunked inputs
2019-03-23 20:09:54 +01:00
aegis.h
crypto: aegis/generic - fix for big endian systems
2018-11-13 11:08:46 -08:00
aes_generic.c
aes_ti.c
crypto: aes_ti - disable interrupts while accessing S-box
2019-02-12 19:46:58 +01:00
af_alg.c
crypto: af_alg - zero initialize memory allocated via sock_kmalloc
2026-01-29 12:10:34 +08:00
ahash.c
crypto: hash - set CRYPTO_TFM_NEED_KEY if ->setkey() fails
2019-03-23 20:09:54 +01:00
akcipher.c
algapi.c
Revert "crypto: api - Disallow identical driver names"
2024-05-02 16:17:13 +02:00
algboss.c
crypto: algboss - don't wait during notifier callback
2020-06-25 15:33:09 +02:00
algif_aead.c
crypto: algif_aead - Only wake up when ctx->more is zero
2024-03-26 18:22:34 -04:00
algif_hash.c
crypto: af_alg - zero initialize memory allocated via sock_kmalloc
2026-01-29 12:10:34 +08:00
algif_rng.c
crypto: af_alg - zero initialize memory allocated via sock_kmalloc
2026-01-29 12:10:34 +08:00
algif_skcipher.c
crypto: algif_aead - Only wake up when ctx->more is zero
2024-03-26 18:22:34 -04:00
ansi_cprng.c
anubis.c
api.c
crypto: api - check for ERR pointers in crypto_destroy_tfm()
2021-05-22 10:59:14 +02:00
arc4.c
authenc.c
crypto: authenc - Fix sleep in atomic context in decrypt_tail
2022-04-15 14:14:42 +02:00
authencesn.c
crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec
2026-02-20 13:22:31 +08:00
blkcipher.c
crypto: blkcipher - fix crash flushing dcache in error path
2018-08-03 18:06:04 +08:00
blowfish_common.c
blowfish_generic.c
camellia_generic.c
cast5_generic.c
cast6_generic.c
cast_common.c
cbc.c
crypto: do not free algorithm before using
2018-12-13 09:16:21 +01:00
ccm.c
crypto: ccm - fix incompatibility between "ccm" and "ccm_base"
2019-05-22 07:37:43 +02:00
cfb.c
crypto: cfb - remove bogus memcpy() with src == dest
2019-03-23 20:09:40 +01:00
chacha20_generic.c
crypto: chacha20 - Fix chacha20_block() keystream alignment (again)
2019-11-20 18:47:11 +01:00
chacha20poly1305.c
crypto: chacha20poly1305 - fix atomic sleep when using async algorithm
2019-07-26 09:14:19 +02:00
cipher.c
crypto: aead,cipher - zeroize key buffer after use
2024-11-08 16:19:08 +01:00
cmac.c
compress.c
crc32_generic.c
crc32c_generic.c
crct10dif_common.c
crct10dif_generic.c
crypto: crct10dif-generic - fix use via crypto_shash_digest()
2019-05-22 07:37:37 +02:00
cryptd.c
crypto: cryptd - Fix skcipher instance memory leak
2019-07-10 09:53:41 +02:00
crypto_engine.c
crypto_null.c
crypto_user.c
crypto: user - fix memory leak in crypto_report
2019-12-13 08:52:48 +01:00
crypto_wq.c
ctr.c
cts.c
deflate.c
des_generic.c
dh_helper.c
crypto: dh - make crypto_dh_encode_key() make robust
2018-08-03 18:06:06 +08:00
dh.c
crypto: dh - fix memory leak
2018-07-20 13:51:21 +08:00
drbg.c
crypto: drbg - Only fail when jent is unavailable in FIPS mode
2023-05-17 11:13:13 +02:00
ecb.c
ecc_curve_defs.h
crypto: ecdh - fix typo of P-192 b value
2018-07-20 13:51:22 +08:00
ecc.c
crypto: ecdh - fix big endian bug in ECC library
2019-12-13 08:52:48 +01:00
ecc.h
ecdh_helper.c
crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key()
2021-03-04 09:39:41 +01:00
ecdh.c
crypto: ecdh - avoid buffer overflow in ecdh_set_secret()
2021-01-12 20:10:20 +01:00
echainiv.c
fcrypt.c
fips.c
gcm.c
crypto: gcm - fix incompatibility between "gcm" and "gcm_base"
2019-05-22 07:37:37 +02:00
gf128mul.c
ghash-generic.c
crypto: ghash - fix unaligned memory access in ghash_setkey()
2019-07-26 09:14:19 +02:00
hash_info.c
hmac.c
internal.h
crypto: api - Fix race condition in crypto_spawn_alg
2020-02-11 04:34:05 -08:00
jitterentropy-kcapi.c
jitterentropy.c
Kconfig
crypto: aes_ti - disable interrupts while accessing S-box
2019-02-12 19:46:58 +01:00
keywrap.c
khazad.c
kpp.c
lrw.c
gcc-10: avoid shadowing standard library 'free()' in crypto
2020-05-20 08:18:46 +02:00
lz4.c
lz4hc.c
lzo.c
Makefile
crypto: speck - remove Speck
2018-11-13 11:08:46 -08:00
mcryptd.c
md4.c
md5.c
memneq.c
michael_mic.c
morus640.c
crypto: morus - fix handling chunked inputs
2019-03-23 20:09:54 +01:00
morus1280.c
crypto: morus - fix handling chunked inputs
2019-03-23 20:09:54 +01:00
pcbc.c
crypto: pcbc - remove bogus memcpy()s with src == dest
2019-03-23 20:09:55 +01:00
pcrypt.c
crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY
2024-12-05 10:59:30 +01:00
poly1305_generic.c
proc.c
ripemd.h
rmd128.c
rmd160.c
rmd256.c
crypto: rmd256 - use swap macro in rmd256_transform
2018-07-27 19:28:36 +08:00
rmd320.c
crypto: rmd320 - use swap macro in rmd320_transform
2018-07-27 19:28:36 +08:00
rng.c
rsa_helper.c
rsa-pkcs1pad.c
crypto: rsa-pkcs1pad - Use akcipher_request_complete
2023-03-11 16:31:37 +01:00
rsa.c
rsaprivkey.asn1
rsapubkey.asn1
salsa20_generic.c
crypto: salsa20 - don't access already-freed walk.iv
2019-05-22 07:37:36 +02:00
scatterwalk.c
crypto: scatterwalk - remove 'chain' argument from scatterwalk_crypto_chain()
2018-08-03 18:06:03 +08:00
scompress.c
crypto: scompress - initialize per-CPU variables on each CPU
2024-01-25 14:33:39 -08:00
seed.c
seqiv.c
crypto: seqiv - Do not use req->iv after crypto_aead_encrypt
2026-01-29 12:10:14 +08:00
serpent_generic.c
crypto: serpent - mark __serpent_setkey_sbox noinline
2019-07-26 09:14:13 +02:00
sha1_generic.c
sha3_generic.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux
2018-08-03 17:55:12 +08:00
sha256_generic.c
sha512_generic.c
shash.c
crypto: shash - avoid comparing pointers to exported functions under CFI
2021-07-20 16:15:44 +02:00
simd.c
crypto: simd - correctly take reqsize of wrapped skcipher into account
2018-12-01 09:37:32 +01:00
skcipher.c
crypto: skcipher - Unmap pages after an external error
2019-10-11 18:20:52 +02:00
sm3_generic.c
crypto: sm3 - fix undefined shift by >= width of value
2019-01-22 21:40:31 +01:00
sm4_generic.c
tcrypt.c
crypto: tcrypt - Fix multibuffer skcipher speed test mem leak
2023-01-18 11:30:22 +01:00
tcrypt.h
tea.c
testmgr.c
crypto: testmgr - fix sizeof() on COMP_BUF_SIZE
2019-12-01 09:16:13 +01:00
testmgr.h
crypto: testmgr - some more fixes to RSA test vectors
2025-04-04 11:11:27 +02:00
tgr192.c
crypto: tgr192 - fix unaligned memory access
2020-01-27 14:50:13 +01:00
twofish_common.c
twofish_generic.c
vmac.c
wp512.c
xcbc.c
xor.c
xts.c
gcc-10: avoid shadowing standard library 'free()' in crypto
2020-05-20 08:18:46 +02:00
zstd.c