From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Jiri Kosina <jikos@kernel.org>
Cc: Sasha Levin <sashal@kernel.org>, Michal Hocko <mhocko@suse.com>,
Kees Cook <keescook@chromium.org>,
cve@kernel.org, linux-kernel@vger.kernel.org
Subject: Re: CVE-2023-52451: powerpc/pseries/memhp: Fix access beyond end of drmem array
Date: Thu, 29 Feb 2024 19:32:21 +0100 [thread overview]
Message-ID: <2024022905-pester-emphatic-9ff0@gregkh> (raw)
In-Reply-To: <nycvar.YFH.7.76.2402291824020.13421@cbobk.fhfr.pm>
On Thu, Feb 29, 2024 at 06:36:08PM +0100, Jiri Kosina wrote:
> On Thu, 29 Feb 2024, Jiri Kosina wrote:
>
> > - you pointed to a fix for UAF in BPF, which definitely is a good fix to
> > have, I don't even dispute that CVE is justified in this particular
> > case. What I haven't yet seen though how this connects to in my view
> > rather serious 'trivial to get root' statement
>
> To elaborate on this a little bit more -- I completely agree that this fix
> is completely in-line with what Kees is, in my view, quite nicely
> describing at [1]. You pointed to a weakness (for which a fix *is* in our
> queue), sure.
>
> But I see a HUGE leap from "fixes a weakness" to bold, aggressive and in
> my view exaggerating statements a-la "I am able to trivially pwn any
> kernel which is not -stable".
{sigh}
I do not mean _any_ enterprise kernel, I said "most", some I did not
find any problems with at all that I could tell. This was true the last
time I did this exercise about 9 or so months ago for a presentation,
and hey, it might have changed since then, I sure hope so for everyone's
sake.
Sorry, I will NOT say what distros I did, or did not, find vunerable.
That's not my place to say here in public for obvious reasons, but I'm
more than willing to discuss it over drinks in-person anytime.
thanks,
greg k-h
next prev parent reply other threads:[~2024-02-29 18:32 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-22 16:21 CVE-2023-52451: powerpc/pseries/memhp: Fix access beyond end of drmem array Greg Kroah-Hartman
2024-02-26 14:52 ` Michal Hocko
2024-02-26 15:06 ` Greg Kroah-Hartman
2024-02-26 15:25 ` Michal Hocko
2024-02-26 16:12 ` Greg Kroah-Hartman
2024-02-26 16:36 ` Michal Hocko
2024-02-27 5:14 ` Greg Kroah-Hartman
2024-02-27 8:51 ` Michal Hocko
2024-03-03 12:02 ` Michael Ellerman
2024-03-03 12:02 ` Michael Ellerman
2024-02-27 9:53 ` Jiri Kosina
2024-02-27 18:35 ` Kees Cook
2024-02-28 12:04 ` Michal Hocko
2024-02-28 17:12 ` Kees Cook
2024-02-29 8:22 ` Michal Hocko
2024-02-29 8:35 ` Greg Kroah-Hartman
2024-02-29 9:41 ` Michal Hocko
2024-02-29 14:18 ` Greg Kroah-Hartman
2024-02-29 15:08 ` Kees Cook
2024-02-29 17:36 ` Michal Hocko
2024-02-29 15:09 ` Jiri Kosina
2024-02-29 16:09 ` Sasha Levin
2024-02-29 17:11 ` Jiri Kosina
2024-02-29 17:36 ` Jiri Kosina
2024-02-29 18:32 ` Greg Kroah-Hartman [this message]
2024-02-29 17:38 ` Sasha Levin
2024-02-29 10:03 ` Pavel Machek
2024-02-29 10:00 ` Pavel Machek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2024022905-pester-emphatic-9ff0@gregkh \
--to=gregkh@linuxfoundation.org \
--cc=cve@kernel.org \
--cc=jikos@kernel.org \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mhocko@suse.com \
--cc=sashal@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.