Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1754546AbbLJPQW (ORCPT <rfc822;w@1wt.eu>);
	Thu, 10 Dec 2015 10:16:22 -0500
Received: from h1446028.stratoserver.net ([85.214.92.142]:56150 "EHLO
	mail.ahsoftware.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1754382AbbLJPQT (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Thu, 10 Dec 2015 10:16:19 -0500
Subject: Re: [PATCH] X.509: Fix the time validation [ver #3]
To: David Howells <dhowells@redhat.com>, jmorris@namei.org
References: <20151112113840.22150.8769.stgit@warthog.procyon.org.uk>
 <56694497.9090308@ahsoftware.de>
Cc: David Woodhouse <David.Woodhouse@intel.com>, linux-kernel@vger.kernel.org,
        stable@vger.kernel.org, linux-security-module@vger.kernel.org,
        keyrings@vger.kernel.org, Mimi Zohar <zohar@linux.vnet.ibm.com>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>
From: Alexander Holler <holler@ahsoftware.de>
Message-ID: <5669970A.9040507@ahsoftware.de>
Date: Thu, 10 Dec 2015 16:15:22 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101
 Thunderbird/38.1.0
MIME-Version: 1.0
In-Reply-To: <56694497.9090308@ahsoftware.de>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1134
Lines: 26

Am 10.12.2015 um 10:23 schrieb Alexander Holler:
> Am 12.11.2015 um 12:38 schrieb David Howells:
>> This fixes CVE-2015-5327.  It affects kernels from 4.3-rc1 onwards.
>>
>> Fix the X.509 time validation to use month number-1 when looking up the
>> number of days in that month.  Also put the month number validation
>> before
>> doing the lookup so as not to risk overrunning the array.
>
> I've just run into this with 4.3.1 (mon_len ended up with 0 because of
> the wrong index). Which means currently build stable kernels with
> signature verification might not load modules (depending on which value
> the invalid index mon_len (12) ends up with.

Just in case of, I would suggest to quickly push out 4.3.2 (only 4.3 
seems to be affected) which contains at least the patch mentioned in the 
subject (58585c1fc301a36625db41ac7078c4dd0a218d84 in mainline).

Regards,

Alexander Holler
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/