]> git.ipfire.org Git - thirdparty/openssl.git/commit - CHANGES.md
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c809334) | patch
aesv8-armx.pl: Avoid buffer overrread in AES-XTS decryption
authorTomas Mraz <tomas@openssl.org>
Mon, 17 Apr 2023 14:51:20 +0000 (16:51 +0200)
committerTomas Mraz <tomas@openssl.org>
Thu, 20 Apr 2023 15:48:16 +0000 (17:48 +0200)
commit72dfe46550ee1f1bbfacd49f071419365bc23304
tree0477afabc47052b9d1b264c18f07ca283193d5a9tree | snapshot
parentc8093347f736c7991350d26048b680d0e64974a0commit | diff
aesv8-armx.pl: Avoid buffer overrread in AES-XTS decryption

Original author: Nevine Ebeid (Amazon)
Fixes: CVE-2023-1255
The buffer overread happens on decrypts of 4 mod 5 sizes.
Unless the memory just after the buffer is unmapped this is harmless.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/20759)
CHANGES.md diff | blob | blame | history
NEWS.md diff | blob | blame | history
crypto/aes/asm/aesv8-armx.pl diff | blob | blame | history
A mirror of the official openssl repository