Re: [PATCH] net: atm: Fix potential Spectre v1

From: "Gustavo A. R. Silva" Date: Thu, 3 May 2018 13:45:58 -0500 > ioc_data.dev_num can be controlled by user-space, hence leading to > a potential exploitation of the Spectre variant 1 vulnerability. > > This issue was detected with the help of Smatch: >

[PATCH] net: atm: Fix potential Spectre v1

ioc_data.dev_num can be controlled by user-space, hence leading to a potential exploitation of the Spectre variant 1 vulnerability. This issue was detected with the help of Smatch: net/atm/lec.c:702 lec_vcc_attach() warn: potential spectre issue 'dev_lec' Fix this by sanitizing ioc_data.dev_num