* [PATCH vulns 1/3] add a .vulnerable id for CVE-2024-53099
From: Shung-Hsi Yu @ 2025-07-29  8:18 UTC (permalink / raw)
  To: Greg Kroah-Hartman, cve
  Cc: LKML, Michal Hocko, João Póvoas, Shung-Hsi Yu

The issue is present since the introduction of BPF link abstraction with
commit 70ed506c3bbc "bpf: Introduce pinnable bpf_link abstraction".

Signed-off-by: Shung-Hsi Yu <shung-hsi.yu@suse.com>
---
 cve/published/2024/CVE-2024-53099.vulnerable | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 cve/published/2024/CVE-2024-53099.vulnerable

diff --git a/cve/published/2024/CVE-2024-53099.vulnerable b/cve/published/2024/CVE-2024-53099.vulnerable
new file mode 100644
index 000000000..3a7ce7976
--- /dev/null
+++ b/cve/published/2024/CVE-2024-53099.vulnerable
@@ -0,0 +1 @@
+70ed506c3bbcfa846d4636b23051ca79fa4781f7
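
Review bot: the single line added to CVE-2024-53099.vulnerable rests only on the commit message's assertion that the issue dates from the bpf_link introduction; no Fixes: tag, Link: or reasoning is given that a reader could check. Consider adding a Link: to the fix or discussion that establishes this, as patch 2/3 does. The full hash is consistent with the abbreviated 70ed506c3bbc in the message. As a style point, the usual citation form puts the subject in parentheses: 70ed506c3bbc ("bpf: Introduce pinnable bpf_link abstraction").
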
-- 
2.50.1



* [PATCH vulns 2/3] add a .vulnerable id for CVE-2023-52735
From: Shung-Hsi Yu @ 2025-07-29  8:18 UTC (permalink / raw)
  To: Greg Kroah-Hartman, cve
  Cc: LKML, Michal Hocko, João Póvoas, Shung-Hsi Yu

Jakub mentioned the vulnerable commit being c5d2177a72a1 ("bpf, sockmap:
Fix race in ingress receive verdict with redirect to self") in the
syzbot thread that found this issue (see link).

Link: https://lore.kernel.org/all/87k021m8an.fsf@cloudflare.com/
Signed-off-by: Shung-Hsi Yu <shung-hsi.yu@suse.com>
---
 cve/published/2023/CVE-2023-52735.vulnerable | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 cve/published/2023/CVE-2023-52735.vulnerable

diff --git a/cve/published/2023/CVE-2023-52735.vulnerable b/cve/published/2023/CVE-2023-52735.vulnerable
new file mode 100644
index 000000000..d7bac065f
--- /dev/null
+++ b/cve/published/2023/CVE-2023-52735.vulnerable
@@ -0,0 +1 @@
+c5d2177a72a1659554922728fc407f59950aa929
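
Review bot: the hash added to CVE-2023-52735.vulnerable is justified only by a second-hand reference ("Jakub mentioned the vulnerable commit being ...") plus a Link:, so the reasoning is lost to anyone who cannot follow the link. Quoting the relevant sentence from that thread in the commit message would make the record self-contained. The full hash is consistent with the abbreviated c5d2177a72a1 cited in the message.
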
-- 
2.50.1



* [PATCH vulns 3/3] add a .vulnerable id for CVE-2023-52920
From: Shung-Hsi Yu @ 2025-07-29  8:18 UTC (permalink / raw)
  To: Greg Kroah-Hartman, cve
  Cc: LKML, Michal Hocko, João Póvoas, Shung-Hsi Yu, Tao Lyu

This commit is not necessarily where the issues were actually
introduced, but given backtracking is required for BPF verifier to be
misled to prune an unsafe execution path, this is a lower barrier to
denote that no older versions can be affected.

Cc: Tao Lyu <tao.lyu@epfl.ch>
Signed-off-by: Shung-Hsi Yu <shung-hsi.yu@suse.com>
---
 cve/published/2023/CVE-2023-52920.vulnerable | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 cve/published/2023/CVE-2023-52920.vulnerable

diff --git a/cve/published/2023/CVE-2023-52920.vulnerable b/cve/published/2023/CVE-2023-52920.vulnerable
new file mode 100644
index 000000000..bc723ccd5
--- /dev/null
+++ b/cve/published/2023/CVE-2023-52920.vulnerable
@@ -0,0 +1 @@
+b5dc0163d8fd78e64a7e21f309cf932fda34353e
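
Review bot: the commit message refers to "This commit" without ever naming it, so the only identification is the bare hash on the added line of CVE-2023-52920.vulnerable. Cite it in the message as abbreviated hash plus subject, as patches 1/3 and 2/3 do, so a reader can confirm it is the commit that brought in backtracking. Because the message says this is a conservative bound rather than the confirmed introducing commit, note that the one-line file cannot carry that distinction and the reasoning lives only in the commit log.
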
-- 
2.50.1



* Re: [PATCH vulns 1/3] add a .vulnerable id for CVE-2024-53099
From: Greg Kroah-Hartman @ 2025-07-30  5:58 UTC (permalink / raw)
  To: Shung-Hsi Yu; +Cc: cve, LKML, Michal Hocko, João Póvoas

On Tue, Jul 29, 2025 at 04:18:22PM +0800, Shung-Hsi Yu wrote:
> The issue is present since the introduction of BPF link abstraction with
> commit 70ed506c3bbc "bpf: Introduce pinnable bpf_link abstraction".
> 
> Signed-off-by: Shung-Hsi Yu <shung-hsi.yu@suse.com>
> ---
>  cve/published/2024/CVE-2024-53099.vulnerable | 1 +
>  1 file changed, 1 insertion(+)
>  create mode 100644 cve/published/2024/CVE-2024-53099.vulnerable
> 
> diff --git a/cve/published/2024/CVE-2024-53099.vulnerable b/cve/published/2024/CVE-2024-53099.vulnerable
> new file mode 100644
> index 000000000..3a7ce7976
> --- /dev/null
> +++ b/cve/published/2024/CVE-2024-53099.vulnerable
> @@ -0,0 +1 @@
> +70ed506c3bbcfa846d4636b23051ca79fa4781f7
> -- 
> 2.50.1
> 
> 

All now applied, thanks!

greg k-h
