know your C; Fixing a Linux Kernel security bug by rearranging an if phrase

Опубликовано: 04 Октябрь 2024
на канале: Jadi
4,567
236

There is a new CVE in town; CVE-2022-2639 which targets the OpenVSwitch kernel module and lets OOB attacks. But it can be fixed in one line! By replacing:
if A - B is lower than C
with
if B + C is greater than A
But aren't these equal? Not in C but the answer goes deeper than "int overflow".

We will have a look into the bug and it solution and will check our original C book to learn more about comparisons in C. Have fun :)

00:00 - Describing the bug
03:00 - Checking the Fix
08:03 - Programming a Proof Of Concept in C
12:00 - Describing the C if type conversiona

CVE: https://nvd.nist.gov/vuln/detail/CVE-...
Kernel Commit on github: https://github.com/torvalds/linux/com...