Subject: Re: [PATCH] X.509: Fix the time validation [ver #3]
From: Alexander Holler
To: David Howells, jmorris@namei.org
Cc: David Woodhouse, linux-kernel@vger.kernel.org, stable@vger.kernel.org, linux-security-module@vger.kernel.org, keyrings@vger.kernel.org, Mimi Zohar, Greg Kroah-Hartman
Date: Thu, 10 Dec 2015 16:15:22 +0100
Message-ID: <5669970A.9040507@ahsoftware.de>
In-Reply-To: <56694497.9090308@ahsoftware.de>
References: <20151112113840.22150.8769.stgit@warthog.procyon.org.uk> <56694497.9090308@ahsoftware.de>

On 10.12.2015 at 10:23, Alexander Holler wrote:
> On 12.11.2015 at 12:38, David Howells wrote:
>> This fixes CVE-2015-5327. It affects kernels from 4.3-rc1 onwards.
>>
>> Fix the X.509 time validation to use month number-1 when looking up the
>> number of days in that month. Also put the month number validation before
>> doing the lookup so as not to risk overrunning the array.
>
> I've just run into this with 4.3.1 (mon_len ended up with 0 because of
> the wrong index). Which means currently built stable kernels with
> signature verification might not load modules (depending on which value
> the invalid index mon_len (12) ends up with).

Just in case, I would suggest quickly pushing out 4.3.2 (only 4.3 seems to be affected), which contains at least the patch mentioned in the subject (58585c1fc301a36625db41ac7078c4dd0a218d84 in mainline).

Regards,

Alexander Holler
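The two defects named in the quoted patch description, shown side by side as an added C example (not the kernel's own code): the buggy shape indexes the day-count table with the 1-based month and only validates the month afterwards, the fixed shape validates first and indexes with month - 1. The bounds check inside the buggy version and the Gregorian leap-year rule are my assumptions, added so the example runs without an out-of-bounds read and still reports what the old index would have been.

```c
#include <stdbool.h>
#include <stddef.h>

/* Day counts for January..December; index 0 is January (constructed table). */
static const unsigned char month_lengths[] =
	{ 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 };
#define NMONTHS (sizeof(month_lengths) / sizeof(month_lengths[0]))

/* Gregorian leap-year rule (assumption; the page does not show the kernel's). */
static bool is_leap(int year)
{
	return (year % 4 == 0 && year % 100 != 0) || year % 400 == 0;
}

/* Buggy shape: table lookup happens before the month is validated, and the
 * 1-based month is used directly as the index.  The bounds check is added here
 * only so the example returns -1 where the old code would have overrun the
 * table (mon == 12); every month below that silently gets the next month's
 * length (January -> 28, February -> 31, ...). */
int mon_len_before_fix(int year, int mon)
{
	size_t idx = (size_t)mon;          /* should have been mon - 1 */
	if (idx >= NMONTHS)
		return -1;                     /* old code: out-of-bounds read here */
	int len = month_lengths[idx];
	if (mon == 2 && is_leap(year))
		len++;
	return len;
}

/* Fixed shape: reject an out-of-range month first, then index with mon - 1. */
int mon_len_after_fix(int year, int mon)
{
	if (mon < 1 || mon > 12)
		return -1;
	int len = month_lengths[mon - 1];
	if (mon == 2 && is_leap(year))
		len++;
	return len;
}

/* Date check built on the fixed lookup: true only for a real calendar date
 * in the validity window the parser accepts (year >= 1970). */
bool x509_date_valid(int year, int mon, int day)
{
	int len = mon_len_after_fix(year, mon);
	return year >= 1970 && len > 0 && day >= 1 && day <= len;
}
```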