Skip to content

Commit 0a6d91d

Browse files
PlaidCatPlaidCat
committed
crypto: seqiv - Handle EBUSY correctly
jira VULN-155734 jira VULN-155733 cve CVE-2023-53373 commit-author Herbert Xu <herbert@gondor.apana.org.au> commit 32e6202 As it is seqiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller of seqiv may specify MAY_BACKLOG, we also need to expect EBUSY and treat it in the same way. Otherwise backlogged requests will trigger a use-after-free. Fixes: 0a27032 ("[CRYPTO] seqiv: Add Sequence Number IV Generator") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 32e6202) Signed-off-by: Jonathan Maple <jmaple@ciq.com>
1 parent fe3dace commit 0a6d91d

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

crypto/seqiv.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@ static void seqiv_aead_encrypt_complete2(struct aead_request *req, int err)
3030
struct aead_request *subreq = aead_request_ctx(req);
3131
struct crypto_aead *geniv;
3232

33-
if (err == -EINPROGRESS)
33+
if (err == -EINPROGRESS || err == -EBUSY)
3434
return;
3535

3636
if (err)

0 commit comments

Comments
 (0)