Re: [PATCH] vmci: prevent speculation leaks by sanitizing event in event_deliver()

27 Nov 2023


      On Mon, Nov 27, 2023 at 06:37:45PM +0000, Hagar Gamal Halim Hemdan wrote:
...
Coverity spotted that event_msg is controlled by user-space,
event_msg->event_data.event is passed to event_deliver() and used
as an index without sanitization.
This change ensures that the event index is sanitized to mitigate any
possibility of speculative information leaks.
Fixes: 1d990201f9bb ("VMCI: event handling implementation")
Signed-off-by: Hagar Gamal Halim Hemdan hagarhem@amazon.com
drivers/misc/vmw_vmci/vmci_event.c | 6 +++++-
:  1 file changed, 5 insertions(+), 1 deletion(-)
<formletter>
This is not the correct way to submit patches for inclusion in the
stable kernel tree.  Please read:
    https://www.kernel.org/doc/html/latest/process/stable-kernel-rules.html
for how to do this properly.
</formletter>

2025

2024

2023

2022

2021

2020

2019

2018

2017

Re: [PATCH] vmci: prevent speculation leaks by sanitizing event in event_deliver()

Signed-off-by: Hagar Gamal Halim Hemdan hagarhem@amazon.com