Re: [PATCH for-4.15] x86/ucode/amd: Fix OoB read in cpu_request_microcode()

On 10/02/2021 11:00, Jan Beulich wrote: > On 10.02.2021 00:40, Andrew Cooper wrote: >> verify_patch_size() is a maximum size check, and doesn't have a minimum >> bound. >> >> If the microcode container encodes a blob with a length less than 64 bytes, >> the subsequent calls to microcode_fits()/com

Re: [PATCH for-4.15] x86/ucode/amd: Fix OoB read in cpu_request_microcode()

On 10.02.2021 00:40, Andrew Cooper wrote: > verify_patch_size() is a maximum size check, and doesn't have a minimum bound. > > If the microcode container encodes a blob with a length less than 64 bytes, > the subsequent calls to microcode_fits()/compare_header() may read off the end > of the buffe

[PATCH for-4.15] x86/ucode/amd: Fix OoB read in cpu_request_microcode()

verify_patch_size() is a maximum size check, and doesn't have a minimum bound. If the microcode container encodes a blob with a length less than 64 bytes, the subsequent calls to microcode_fits()/compare_header() may read off the end of the buffer. Fixes: 4de936a38a ("x86/ucode/amd: Rework parsin