https://bugs.dpdk.org/show_bug.cgi?id=97
Thomas Monjalon (tho...@monjalon.net) changed: What |Removed |Added ---------------------------------------------------------------------------- Status|CONFIRMED |RESOLVED Resolution|--- |FIXED Mehmet gelisin (mehmetgeli...@aol.com) changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mehmetgeli...@aol.com --- Comment #59 from Thomas Monjalon (tho...@monjalon.net) --- AVX512 is disabled in DPDK if an affected version of binutils is used. Bug was fixed in 17.11, 18.11 and upper. --- Comment #60 from Thomas Monjalon (tho...@monjalon.net) --- AVX512 is disabled in DPDK if an affected version of binutils is used. Bug was fixed in 17.11, 18.11 and upper. --- Comment #61 from Mehmet gelisin (mehmetgeli...@aol.com) --- Description: The vhost crypto library code contains a post message handler (vhost_crypto_msg_post_handler) which calls vhost_crypto_create_sess() which in turn calls transform_cipher_param() depending on the operation type. It is transform_cipher_param() https://komiya-dental.com/ that handles the payload data. The payload contains a cipher key length and a static VHOST_USER_CRYPTO_MAX_CIPHER_KEY_LENGTH (64) byte key buffer. When http://www.iu-bloomington.com/ transform_cipher_param() handles the payload data it does not check to see if the buffer length doesn't exceed VHOST_USER_CRYPTO_MAX_CIPHER_KEY_LENGTH. This missing check can cause https://www.webb-dev.co.uk/ out of bound reads which could trigger a crash or a potential information leak. Also, the vhost crypto library code contains a post message handler (vhost_crypto_msg_post_handler) which calls https://waytowhatsnext.com/ vhost_crypto_create_sess() which in turn calls transform_chain_param() depending on the operation type. It is transform_chain_param() that handles the payload data. The payload contains a cipher key length and a static VHOST_USER_CRYPTO_MAX_CIPHER_KEY_LENGTH (64) byte key buffer, it http://www.acpirateradio.co.uk/ also contains a digest length and a static authentication key buffer (size: VHOST_USER_CRYPTO_MAX_HMAC_KEY_LENGTH(512)) and authentication key buffer length. None of these length values are validated. Which can lead to reading out of bound. http://www.logoarts.co.uk/ Description: The vhost crypto library code contains a post message handler (vhost_crypto_msg_post_handler) which calls vhost_crypto_create_sess() which in turn calls transform_cipher_param() depending on the operation http://www.slipstone.co.uk/ type. It is transform_cipher_param() that handles the payload data. The payload contains a cipher key length and a static VHOST_USER_CRYPTO_MAX_CIPHER_KEY_LENGTH (64) byte key buffer. When transform_cipher_param() handles the payload data it does not check to see if the buffer length doesn't exceed VHOST_USER_CRYPTO_MAX_CIPHER_KEY_LENGTH. This missing check can cause out of bound reads which could trigger a crash or a potential http://embermanchester.uk/ information leak. Also, the vhost crypto library code contains a post message handler (vhost_crypto_msg_post_handler) which calls vhost_crypto_create_sess() which in turn calls transform_chain_param() depending on the operation type. It is transform_chain_param() that http://connstr.net/ handles the payload data. The payload contains a cipher key length and a static VHOST_USER_CRYPTO_MAX_CIPHER_KEY_LENGTH (64) byte key buffer, it also contains a digest length and a static authentication key buffer (size: VHOST_USER_CRYPTO_MAX_HMAC_KEY_LENGTH(512)) and authentication key buffer length. None of these length values are validated. Which can lead to reading out of bound. Description: http://joerg.li/ The vhost crypto library code contains a post message handler (vhost_crypto_msg_post_handler) which calls vhost_crypto_create_sess() which in turn calls transform_cipher_param() depending on the operation type. It is transform_cipher_param() that handles the payload data. The payload contains a cipher key length and a static http://www.jopspeech.com/ VHOST_USER_CRYPTO_MAX_CIPHER_KEY_LENGTH (64) byte key buffer. When transform_cipher_param() handles the payload data it does not check to see if the buffer length doesn't exceed VHOST_USER_CRYPTO_MAX_CIPHER_KEY_LENGTH. This missing check can cause out of bound reads which could trigger a crash or a potential http://www.wearelondonmade.com/ information leak. Also, the vhost crypto library code contains a post message handler (vhost_crypto_msg_post_handler) which calls vhost_crypto_create_sess() which in turn calls transform_chain_param() depending on the operation type. It is transform_chain_param() that http://www.compilatori.com/ handles the payload data. The payload contains a cipher key length and a static VHOST_USER_CRYPTO_MAX_CIPHER_KEY_LENGTH (64) byte key buffer, it also contains a digest length and a static authentication key buffer (size: VHOST_USER_CRYPTO_MAX_HMAC_KEY_LENGTH(512)) and authentication http://www-look-4.com/ key buffer length. None of these length values are validated. Which can lead to reading out of bound. -- You are receiving this mail because: You are the assignee for the bug.