CVE-2024-26789

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> crypto: arm64/neonbs - fix out-of-bounds access on short input<br /> <br /> The bit-sliced implementation of AES-CTR operates on blocks of 128<br /> bytes, and will fall back to the plain NEON version for tail blocks or<br /> inputs that are shorter than 128 bytes to begin with.<br /> <br /> It will call straight into the plain NEON asm helper, which performs all<br /> memory accesses in granules of 16 bytes (the size of a NEON register).<br /> For this reason, the associated plain NEON glue code will copy inputs<br /> shorter than 16 bytes into a temporary buffer, given that this is a rare<br /> occurrence and it is not worth the effort to work around this in the asm<br /> code.<br /> <br /> The fallback from the bit-sliced NEON version fails to take this into<br /> account, potentially resulting in out-of-bounds accesses. So clone the<br /> same workaround, and use a temp buffer for short in/outputs.