From: Greg KH <gregkh@linuxfoundation.org>
To: Hoyeon Lee <hoyeon.lee@suse.com>
Cc: cve@kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH vulns] add a .vulnerable id for CVE-2025-38608
Date: Wed, 3 Sep 2025 14:36:03 +0200 [thread overview]
Message-ID: <2025090355-impromptu-tragedy-9ff2@gregkh> (raw)
In-Reply-To: <20250903054107.221958-1-hoyeon.lee@suse.com>
On Wed, Sep 03, 2025 at 02:41:07PM +0900, Hoyeon Lee wrote:
> The issue depends on bpf_msg_pop_data() helper, which was introduced
> by commit 7246d8ed4dcc ("bpf: helper to pop data from messages"). Fixes
> tag in commit 178f6a5c8cb3 ("bpf, ktls: Fix data corruption when using
> bpf_msg_pop_data() in ktls") incorrectly points to commit d3b18ad31f93
> ("tls: add bpf support to sk_msg handling"), which does not provide this
> helper. For this reason, the introduction of bpf_msg_pop_data() has been
> chosen as the vulnerable point for CVE-2025-38608.
>
> Signed-off-by: Hoyeon Lee <hoyeon.lee@suse.com>
> ---
> cve/published/2025/CVE-2025-38608.vulnerable | 1 +
> 1 file changed, 1 insertion(+)
> create mode 100644 cve/published/2025/CVE-2025-38608.vulnerable
>
> diff --git a/cve/published/2025/CVE-2025-38608.vulnerable b/cve/published/2025/CVE-2025-38608.vulnerable
> new file mode 100644
> index 000000000..f0336d0ed
> --- /dev/null
> +++ b/cve/published/2025/CVE-2025-38608.vulnerable
> @@ -0,0 +1 @@
> +7246d8ed4dcce23f7509949a77be15fa9f0e3d28
> --
> 2.51.0
>
Looks good, thanks! Now applied and updated.
greg k-h
prev parent reply other threads:[~2025-09-03 12:36 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-03 5:41 [PATCH vulns] add a .vulnerable id for CVE-2025-38608 Hoyeon Lee
2025-09-03 12:36 ` Greg KH [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2025090355-impromptu-tragedy-9ff2@gregkh \
--to=gregkh@linuxfoundation.org \
--cc=cve@kernel.org \
--cc=hoyeon.lee@suse.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.