Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751154AbcKYBcR (ORCPT ); Thu, 24 Nov 2016 20:32:17 -0500 Received: from [65.99.196.166] ([65.99.196.166]:49721 "EHLO namei.org" rhost-flags-FAIL-FAIL-OK-OK) by vger.kernel.org with ESMTP id S1750804AbcKYBcQ (ORCPT ); Thu, 24 Nov 2016 20:32:16 -0500 Date: Fri, 25 Nov 2016 12:32:11 +1100 (AEDT) From: James Morris To: Linus Torvalds cc: David Howells , linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [GIT PULL] Keys fixes Message-ID: User-Agent: Alpine 2.20 (LRH 67 2015-01-07) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1156 Lines: 37 Please pull these fixes for the keys code. >From David: " (1) Fix mpi_powm()'s handling of a number with a zero exponent [CVE-2016-8650]. (2) Fix double free in X.509 error handling. Ver #3: - Integrate my and Andrey's patches for mpi_powm() and use mpi_resize() instead of RESIZE_IF_NEEDED() - the latter adds a duplicate check into the execution path of a trivial case we don't normally expect to be taken. Ver #2: - Use RESIZE_IF_NEEDED() to conditionally resize the result rather than manually doing this. " The following changes since commit 16ae16c6e5616c084168740990fc508bda6655d4: Merge tag 'mmc-v4.9-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc (2016-11-24 10:51:18 -0800) are available in the git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git for-linus Andrey Ryabinin (2): X.509: Fix double free in x509_cert_parse() [ver #3] mpi: Fix NULL ptr dereference in mpi_powm() [ver #3] crypto/asymmetric_keys/x509_cert_parser.c | 1 - lib/mpi/mpi-pow.c | 7 ++++++- 2 files changed, 6 insertions(+), 2 deletions(-)