[openssl/openssl] 72dfe4: aesv8-armx.pl: Avoid buffer overrread in AES-XTS d...
Tomáš Mráz
noreply at github.com
Thu Apr 20 15:50:38 UTC 2023
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: 72dfe46550ee1f1bbfacd49f071419365bc23304
https://github.com/openssl/openssl/commit/72dfe46550ee1f1bbfacd49f071419365bc23304
Author: Tomas Mraz <tomas at openssl.org>
Date: 2023-04-20 (Thu, 20 Apr 2023)
Changed paths:
M CHANGES.md
M NEWS.md
M crypto/aes/asm/aesv8-armx.pl
Log Message:
-----------
aesv8-armx.pl: Avoid buffer overrread in AES-XTS decryption
Original author: Nevine Ebeid (Amazon)
Fixes: CVE-2023-1255
The buffer overread happens on decrypts of 4 mod 5 sizes.
Unless the memory just after the buffer is unmapped this is harmless.
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove at arm.com>
(Merged from https://github.com/openssl/openssl/pull/20759)
More information about the openssl-commits
mailing list