On Tue, Jul 10, 2018 at 07:06:07PM +0100, Mark Rutland wrote:
> It's possible for userspace to control event_id. Sanitize event_id when
> using it as an array index, to inhibit the potential spectre-v1 write
> gadget.
>
> This class of issue is also known as CVE-2018-3693, or "bounds check bypass
Hi Mark,
I love your patch! Yet something to improve:
[auto build test ERROR on tip/perf/core]
[also build test ERROR on v4.18-rc4 next-20180710]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
url:
https://github.com/0day-ci/linux/commits/
Hi Mark,
I love your patch! Yet something to improve:
[auto build test ERROR on tip/perf/core]
[also build test ERROR on v4.18-rc4 next-20180710]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
url:
https://github.com/0day-ci/linux/commits/
It's possible for userspace to control event_id. Sanitize event_id when
using it as an array index, to inhibit the potential spectre-v1 write
gadget.
This class of issue is also known as CVE-2018-3693, or "bounds check bypass
store".
Found by smatch.
Signed-off-by: Mark Rutland
Cc: Peter Zijlst
4 matches
Mail list logo
