From: Paulo Alcantara <pc@manguebit.com>
To: Wang Zhaolong <wangzhaolong1@huawei.com>, smfrench@gmail.com
Cc: linux-cifs@vger.kernel.org
Subject: Re: [PATCH 01/12] smb: client: fix potential UAF in cifs_debug_files_proc_show()
Date: Sat, 01 Jun 2024 18:14:55 -0300 [thread overview]
Message-ID: <d1b246661ef0d10502dbf34479ca209b@manguebit.com> (raw)
In-Reply-To: <aaf165e4-a5ad-cb66-2c39-2ee6b39939d5@huawei.com>
Wang Zhaolong <wangzhaolong1@huawei.com> writes:
> Hello,
>
> I have some questions regarding CVE-2024-26928.
>
> I would like to confirm whether the phrase "fix potential UAF in
> cifs_debug_files_proc_show()" implies that the UAF issue does not
> actually exist, correct?
Correct. This is just a way to prevent one from accessing any fields
from @ses while it is being released by a different task.
> Based on this understanding, I wonder if the issue addressed by
> this CVE might not be a genuine problem. I am also curious about
> the series of patches considered as fixes for this CVE.
Nope. The fixes were created and sent without having any related CVEs.
prev parent reply other threads:[~2024-06-01 21:21 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-02 19:33 [PATCH 01/12] smb: client: fix potential UAF in cifs_debug_files_proc_show() Paulo Alcantara
2024-04-02 19:33 ` [PATCH 02/12] smb: client: fix potential UAF in cifs_dump_full_key() Paulo Alcantara
2024-04-02 19:33 ` [PATCH 03/12] smb: client: fix potential UAF in cifs_stats_proc_write() Paulo Alcantara
2024-04-02 19:33 ` [PATCH 04/12] smb: client: fix potential UAF in cifs_stats_proc_show() Paulo Alcantara
2024-04-02 19:33 ` [PATCH 05/12] smb: client: fix potential UAF in smb2_check_message() Paulo Alcantara
2024-04-02 19:33 ` [PATCH 06/12] smb: client: fix potential UAF in smb2_is_valid_lease_break() Paulo Alcantara
2024-04-02 19:33 ` [PATCH 07/12] smb: client: fix potential UAF in smb2_is_valid_oplock_break() Paulo Alcantara
2024-04-02 19:34 ` [PATCH 08/12] smb: client: fix potential UAF in is_valid_oplock_break() Paulo Alcantara
2024-04-02 19:34 ` [PATCH 09/12] smb: client: fix potential UAF in smb2_get_sign_key() Paulo Alcantara
2024-04-02 22:02 ` Paulo Alcantara
2024-04-02 19:34 ` [PATCH 10/12] smb: client: fix potential UAF in smb2_is_network_name_deleted() Paulo Alcantara
2024-04-02 19:34 ` [PATCH 11/12] smb: client: fix potential UAF in smb2_get_enc_key() Paulo Alcantara
2024-04-02 21:40 ` Steve French
2024-04-02 21:48 ` Paulo Alcantara
2024-04-02 22:43 ` Paulo Alcantara
2024-04-02 19:34 ` [PATCH 12/12] smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() Paulo Alcantara
2024-06-01 11:31 ` [PATCH 01/12] smb: client: fix potential UAF in cifs_debug_files_proc_show() Wang Zhaolong
2024-06-01 21:14 ` Paulo Alcantara [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d1b246661ef0d10502dbf34479ca209b@manguebit.com \
--to=pc@manguebit.com \
--cc=linux-cifs@vger.kernel.org \
--cc=smfrench@gmail.com \
--cc=wangzhaolong1@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox