From: Greg KH <gregkh@linuxfoundation.org>
To: Theodore Ts'o <tytso@mit.edu>
Cc: cve@kernel.org, linux-ext4@vger.kernel.org
Subject: Re: CVE-2024-43898 is invalid?
Date: Mon, 9 Sep 2024 18:20:08 +0200	[thread overview]
Message-ID: <2024090919-eats-countable-1a0d@gregkh> (raw)
In-Reply-To: <20240909153144.GA1510718@mit.edu>

On Mon, Sep 09, 2024 at 11:31:44AM -0400, Theodore Ts'o wrote:
> I believe CVE-2024-43898 regarding "ext4: sanity check for NULL
> pointer after ext4_force_shutdown" (commit id: 83f4414b8f84) may have
> been issued in error.
> 
> ext4_force_shutdown() is called from FS_IOC_SHUTDOWN, which requires
> root privileges.

"root privileges" are not something that "is this a vulnerability"
normally takes into account given that there are zillions of ways of
giving permissions to processes to do things that people do in crazy
systems, as you know :)

That being said, the commit message does not document root privileges
being needed. Also, it looks like the function is called on the "normal"
shutdown callback for the superblock, which I don't think is required to
have root permissions, does it?

But as a maintainer, it's up to you if you wish to reject a cve for your
subsystem/code, so if you really want it rejected, we'll be glad to do
so.

thanks,

greg k-h

Thread overview: 4+ messages
2024-09-09 15:31 CVE-2024-43898 is invalid? Theodore Ts'o
2024-09-09 16:20 ` Greg KH [this message]
2024-09-09 20:08   ` Theodore Ts'o
2024-09-10  7:16     ` Greg KH