hwmon: (nct6775) Fix potential Spectre v1 - linux - Linux Kernel (branches are rebased on master from time to time)

diff options

author	Gustavo A. R. Silva <gustavo@embeddedor.com>	2018-08-15 08:14:37 -0500
committer	Guenter Roeck <linux@roeck-us.net>	2018-08-26 17:45:25 -0700
commit	d49dbfade96d5b0863ca8a90122a805edd5ef50a (patch)
tree	730c6cb452f851db3274f9397798c6ea47fd25a0 /README
parent	f196dec6d50abb2e65fb54a0621b2f1b4d922995 (diff)
download	linux-d49dbfade96d5b0863ca8a90122a805edd5ef50a.tar.bz2

hwmon: (nct6775) Fix potential Spectre v1

val can be indirectly controlled by user-space, hence leading to a potential exploitation of the Spectre variant 1 vulnerability. This issue was detected with the help of Smatch: vers/hwmon/nct6775.c:2698 store_pwm_weight_temp_sel() warn: potential spectre issue 'data->temp_src' [r] Fix this by sanitizing val before using it to index data->temp_src Notice that given that speculation windows are large, the policy is to kill the speculation on the first load and not worry if it can be completed with a dependent load/store [1]. [1] https://marc.info/?l=linux-kernel&m=152449131114778&w=2 Cc: stable@vger.kernel.org Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> Signed-off-by: Guenter Roeck <linux@roeck-us.net>

Diffstat (limited to 'README')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: