android_kernel_samsung_msm8976/arch/x86
Seunghun Han 94bee3919a x86/acpi: Prevent out of bound access caused by broken ACPI tables
The bus_irq argument of mp_override_legacy_irq() is used as the index into
the isa_irq_to_gsi[] array. The bus_irq argument originates from
ACPI_MADT_TYPE_IO_APIC and ACPI_MADT_TYPE_INTERRUPT items in the ACPI
tables, but is nowhere sanity checked.

That allows broken or malicious ACPI tables to overwrite memory, which
might cause malfunction, panic or arbitrary code execution.

Add a sanity check and emit a warning when that triggers.

[ tglx: Added warning and rewrote changelog ]

Signed-off-by: Seunghun Han <kkamagui@gmail.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: security@kernel.org
Cc: "Rafael J. Wysocki" <rjw@rjwysocki.net>
Cc: stable@vger.kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
CVE-2017-11473

Change-Id: I06eeb72e3207d795a87279ecfdd362e361f505f7
2019-07-27 21:51:30 +02:00
..
boot Merge remote-tracking branch 'f2fs/linux-3.10.y' into HEAD 2017-04-18 17:02:28 +02:00
configs bludgeon the flounder kernel until it builds on i386 for qemu testing 2015-09-16 18:20:19 +05:30
crypto crypto: hash - annotate algorithms taking optional key 2019-07-27 21:49:17 +02:00
ia32 This is the 3.10.100 stable release 2017-04-18 17:17:52 +02:00
include x86/io: Add "memory" clobber to insb/insw/insl/outsb/outsw/outsl 2019-07-27 21:44:32 +02:00
kernel x86/acpi: Prevent out of bound access caused by broken ACPI tables 2019-07-27 21:51:30 +02:00
kvm x86: Rename X86_CR4_RDWRGSFS to X86_CR4_FSGSBASE 2016-06-07 10:42:44 +02:00
lguest
lib x86_64: kasan: add interceptors for memset/memmove/memcpy functions 2015-05-04 14:03:56 -07:00
math-emu
mm x86/mm/32: Set the '__vmalloc_start_set' flag in initmem_init() 2019-07-27 21:44:34 +02:00
net x86: bpf_jit: fix compilation of large bpf programs 2015-10-01 12:07:34 +02:00
oprofile
pci x86/PCI: Use host bridge _CRS info on Foxconn K8M890-8237A 2015-07-10 10:40:22 -07:00
platform This is the 3.10.99 stable release 2017-04-18 17:17:46 +02:00
power nosave: consolidate __nosave_{begin,end} in <asm/sections.h> 2015-05-06 21:56:28 +02:00
realmode x86_64: add KASan support 2015-05-04 14:03:57 -07:00
syscalls BACKPORT: random: introduce getrandom(2) system call 2017-09-08 18:50:11 +00:00
tools
um um: remove dead code 2015-09-16 18:20:08 +05:30
vdso x86_64: add KASan support 2015-05-04 14:03:57 -07:00
video
xen x86/iopl/64: Properly context-switch IOPL on Xen PV 2016-06-07 10:42:43 +02:00
.gitignore
Kbuild
Kconfig Import latest Samsung release 2017-04-18 03:43:52 +02:00
Kconfig.cpu
Kconfig.debug
Makefile stackprotector: Unify the HAVE_CC_STACKPROTECTOR logic between architectures 2014-07-25 13:08:41 -07:00
Makefile.um
Makefile_32.cpu