Date: Thu, 10 Dec 2015 10:26:04 -0500
From: Greg Kroah-Hartman
To: Alexander Holler, David Howells
Cc: jmorris@namei.org, David Woodhouse, linux-kernel@vger.kernel.org, stable@vger.kernel.org, linux-security-module@vger.kernel.org, keyrings@vger.kernel.org, Mimi Zohar
Subject: Re: [PATCH] X.509: Fix the time validation [ver #3]
Message-ID: <20151210152604.GA18860@kroah.com>
References: <20151112113840.22150.8769.stgit@warthog.procyon.org.uk> <56694497.9090308@ahsoftware.de> <5669970A.9040507@ahsoftware.de>
In-Reply-To: <5669970A.9040507@ahsoftware.de>

On Thu, Dec 10, 2015 at 04:15:22PM +0100, Alexander Holler wrote:
> On 10.12.2015 at 10:23, Alexander Holler wrote:
> > On 12.11.2015 at 12:38, David Howells wrote:
> > > This fixes CVE-2015-5327. It affects kernels from 4.3-rc1 onwards.
> > >
> > > Fix the X.509 time validation to use month number-1 when looking up the
> > > number of days in that month. Also put the month number validation before
> > > doing the lookup so as not to risk overrunning the array.
> >
> > I've just run into this with 4.3.1 (mon_len ended up with 0 because of
> > the wrong index). Which means currently built stable kernels with
> > signature verification might not load modules (depending on which value
> > the invalid index mon_len (12) ends up with).
>
> Just in case, I would suggest to quickly push out 4.3.2 (only 4.3 seems
> to be affected) which contains at least the patch mentioned in the subject
> (58585c1fc301a36625db41ac7078c4dd0a218d84 in mainline).

58585c1fc301a36625db41ac7078c4dd0a218d84 doesn't reference anything in Linus's tree; where did you get that git commit id?

David, any reason you didn't put a cc: stable in the commit for it to be picked up in the stable releases?

thanks,

greg k-h
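The off-by-one that the quoted patch description fixes, shown as an added example that is not the kernel's code or anything from this thread: a 1-based month used directly as the index into a 12-entry days-per-month table, beside a lookup that validates the month first and indexes with month-1. The table contents and the function names `mon_len_buggy` and `x509_validate_date` are this example's own assumptions.

```c
#include <stdio.h>

/* Days per month, indexed 0..11 (January = 0). Constructed for this example
 * to mirror the lookup table the patch description refers to. */
static const unsigned char month_lengths[12] = {
	31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31
};

static int is_leap_year(int year)
{
	return (year % 4 == 0 && year % 100 != 0) || year % 400 == 0;
}

/* The 'before' behaviour (hypothetical name): mon is 1-based (1..12) but is
 * used directly as the index, so January returns February's length, and
 * December (mon == 12) reads one byte past the end of the table, which is
 * the garbage mon_len the thread describes. Do not call it with mon == 12. */
int mon_len_buggy(int mon)
{
	return month_lengths[mon];
}

/* The 'after' behaviour (hypothetical name): reject an out-of-range month
 * before touching the table, then index with mon - 1.
 * Returns the month length on a valid date, or -1 if the date is invalid. */
int x509_validate_date(int year, int mon, int day)
{
	int mon_len;

	if (mon < 1 || mon > 12 || day < 1)
		return -1;

	mon_len = month_lengths[mon - 1];
	if (mon == 2 && is_leap_year(year))
		mon_len = 29;

	return day > mon_len ? -1 : mon_len;
}

int main(void)
{
	printf("buggy January length: %d (should be 31)\n", mon_len_buggy(1));
	printf("2015-12-31 -> %d\n", x509_validate_date(2015, 12, 31));
	printf("2015-02-29 -> %d\n", x509_validate_date(2015, 2, 29));
	printf("2016-02-29 -> %d\n", x509_validate_date(2016, 2, 29));
	return 0;
}
```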