[Intel-wired-lan] Potential oob access in e100.c:get_regs(_len)

Keller, Jacob E jacob.e.keller at intel.com
Tue Sep 7 23:20:25 UTC 2021



> -----Original Message-----
> From: Felicitas Hetzelt <felicitashetzelt at gmail.com>
> Sent: Monday, September 06, 2021 5:05 AM
> To: Keller, Jacob E <jacob.e.keller at intel.com>
> Cc: intel-wired-lan at osuosl.org
> Subject: Re: [Intel-wired-lan] Potential oob access in e100.c:get_regs(_len)
> 
> Hi,
> > Are you seeing the same thing I am?
> 
> Seems to me like you are right! I wonder why this was never caught though.
> 
> Also, KASAN did trigger on this path which I guess is an indication that
> there in fact is a problem.
> 
> 
> Regards,
> 
> Felicitas

I am guessing it is because it's e100. Not heavily used and you'd have to specifically run the register dump ethtool interface.

I can create a patch for this, I think it's worth fixing even if it's e100 because it would cause a kernel panic.

Thanks,
Jake


More information about the Intel-wired-lan mailing list