References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

dm integrity: fix memory corruption when tag_size is less than digest size

It is possible to set up dm-integrity in such a way that the
"tag_size" parameter is less than the actual digest size. In this
situation, a part of the digest beyond tag_size is ignored.

In this case, dm-integrity would write beyond the end of the
ic->recalc_tags array and corrupt memory. The corruption happened in
integrity_recalc->integrity_sector_ch

https://git.kernel.org/stable/c/08c1af8f1c13bbf210f1760132f4df24d0ed46d6

https://git.kernel.org/stable/c/4d485cf9b609709e45d5113e6e2b1b01254b2fe9

https://git.kernel.org/stable/c/6a95d91c0b315c965198f6ab7dec7c94129e17e0

https://git.kernel.org/stable/c/6b4bf97587ef6c1927a78934b700204920655123

https://git.kernel.org/stable/c/7f84c937222944c03f4615ca4742df6bed0e5adf

https://git.kernel.org/stable/c/cd02b2687d66f0a8e716384de4b9a0671331f1dc