> From: Fan Zhang <roy.fan.zh...@intel.com>
>
> This patch fixes the possible time-of-check to time-of-use (TOCTOU)
> attack problem by copying request data and descriptor index to local
> variable prior to process.
>
> Also the original sequential read of descriptors may lead to TOCTOU
> attack. This patch fixes the problem by loading all descriptors of a
> request to local buffer before processing.
>
> CVE-2020-14375
> Fixes: 3bb595ecd682 ("vhost/crypto: add request handler")
> Cc: sta...@dpdk.org
>
> Signed-off-by: Fan Zhang <roy.fan.zh...@intel.com>
> Acked-by: Chenbo Xia <chenbo....@intel.com>
Series applied in the main repository, thanks.
