On my PC, gcry_cipher_encrypt() doesn't release all x87 FPU data registers .
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libgcrypt11 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
1)
Description: Xubuntu 12.10 desktop i386
Release: 12.10
PC: Sony PCG-SRX7S/P Memory 512 M byte http://
Chipset: Intel 815EM
$ cat /proc/cpuinfo
processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 11
model name : Mobile Intel(R) Pentium(R) III CPU - M 900MHz
stepping : 4
microcode : 0x2
cpu MHz : 500.000
cache size : 512 KB
fdiv_bug : no
hlt_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 2
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 sep mtrr pge mca cmov pse36 mmx fxsr sse up
bogomips : 993.64
clflush size : 32
cache_alignment : 32
address sizes : 36 bits physical, 32 bits virtual
power management:
$ uname -a
Linux loghost 3.5.0-22-generic #34-Ubuntu SMP Tue Jan 8 21:41:11 UTC 2013 i686 i686 i686 GNU/Linux
2)
libgcrypt11 1.5.0-3ubuntu1
gnome-keyring 3.6.1-0ubuntu1
3) What you expected to happen
$apt-get -b source gnome-keyring
$cd gnome-keyring-
$make -k check | tee make-k-check2.txt
→all check OK
4) What happened instead
→ but /gnome2-
See also https:/
5) I analyzed the gnome-keyring program.
So I found that gcry_cipher_
Then -nan goes into a variable subsequent processing.
This problem found on the test of /gnome2-
gnome-keyring-
function is encrypt_buffer() in gnome-keyring-
I wrote a reappearance program .
https:/
Please check it, and please fix this problem
See also https:/
and http://
Thanks .
CVE References
Changed in libgcrypt11 (Ubuntu): | |
status: | New → In Progress |
Hi .
I found the position of the problem, then I wrote a patch .
When adapted in this patch, the test of gnome-keyring was OK .
However, I cannot judge whether this correction is right .
And I cannot judge whether there is the same problem as other parts .
I want you to check these .
And although "libgcrypt11:i386" is the i386 architecture, I cannot judge whether it is allowed to call MMX instructions by the i386 architecture.
Then, I wish for the view from intellectuals .
Thanks .