mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-01 14:44:12 +00:00
Code Issues Releases Wiki Activity
linux-stable/drivers/char
History
Gustavo A. R. Silva 3001a9c2d9 applicom: Fix potential Spectre v1 vulnerabilities 
commit d7ac3c6ef5 upstream.

IndexCard is indirectly controlled by user-space, hence leading to
a potential exploitation of the Spectre variant 1 vulnerability.

This issue was detected with the help of Smatch:

drivers/char/applicom.c:418 ac_write() warn: potential spectre issue 'apbs' [r]
drivers/char/applicom.c:728 ac_ioctl() warn: potential spectre issue 'apbs' [r] (local cap)

Fix this by sanitizing IndexCard before using it to index apbs.

Notice that given that speculation windows are large, the policy is
to kill the speculation on the first load and not worry if it can be
completed with a dependent load/store [1].

[1] https://lore.kernel.org/lkml/20180423164740.GY17484@dhcp22.suse.cz/

Cc: stable@vger.kernel.org
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-03-13 14:04:54 -07:00
..
agp agp/intel: Flush all chipset writes after updating the GGTT 2018-03-22 09:17:57 +01:00
hw_random hwrng: stm32 - add reset during probe 2018-05-30 07:50:48 +02:00
ipmi ipmi:ssif: Fix handling of multi-part return messages 2019-01-26 09:38:36 +01:00
mwave char/mwave: fix potential Spectre v1 vulnerability 2019-01-31 08:12:34 +01:00
pcmcia pcmcia: remove left-over %Z format 2017-06-07 12:07:48 +02:00
tpm tpm: tpm_i2c_nuvoton: use correct command duration for TPM 2.x 2019-01-09 16:16:45 +01:00
xilinx_hwicap
xillybus char: xillybus: Fix spelling mistake and comment 2016-08-31 14:47:54 +02:00
apm-emulation.c
applicom.c applicom: Fix potential Spectre v1 vulnerabilities 2019-03-13 14:04:54 -07:00
applicom.h
bfin-otp.c miscdevice: Use module_misc_device() macro 2016-08-31 14:12:35 +02:00
bsr.c
ds1302.c
ds1620.c
dsp56k.c dsp56k: prevent a harmless underflow 2016-07-14 16:21:53 +09:00
dtlk.c
efirtc.c
generic_nvram.c
hangcheck-timer.c
hpet.c hpet: Make cmd parameter of hpet_ioctl_common() unsigned 2019-02-27 10:07:01 +01:00
Kconfig char: lack of bool string made CONFIG_DEVPORT always on 2017-04-21 09:31:22 +02:00
lp.c char: lp: fix possible integer overflow in lp_setup() 2017-05-25 15:44:30 +02:00
Makefile RTC for 4.8 2016-08-05 09:48:22 -04:00
mbcs.c
mbcs.h
mem.c drivers: char: mem: Fix wraparound check to allow mappings up to the end 2017-06-14 15:06:04 +02:00
misc.c
mmtimer.c
mspec.c
nsc_gpio.c
nvram.c
nwbutton.c
nwbutton.h
nwflash.c
pc8736x_gpio.c
powernv-op-panel.c powerpc/powernv: Add driver for operator panel on FSP machines 2016-06-29 17:33:46 +10:00
ppdev.c ppdev: fix registering same device name 2017-04-12 12:41:10 +02:00
ps3flash.c
random.c random: mix rdrand with entropy sent in from userspace 2018-08-03 07:55:26 +02:00
raw.c
rtc.c
scx200_gpio.c
snsc.c snsc: check return value of class_create 2016-08-31 14:47:54 +02:00
snsc.h
snsc_event.c
sonypi.c fs: Replace current_fs_time() with current_time() 2016-09-27 21:06:22 -04:00
tb0219.c mips: separate extable.h, switch module.h to it 2016-10-05 18:36:18 -04:00
tile-srom.c tile-srom: avoid krealloc(... __GFP_ZERO) pattern 2016-08-30 14:45:50 +02:00
tlclk.c
toshiba.c
ttyprintk.c ttyprintk: Neaten and simplify printing 2016-09-13 17:30:17 +02:00
uv_mmtimer.c
virtio_console.c virtio_console: free buffers after reset 2018-05-01 15:13:05 -07:00