From: Eric Biggers <ebiggers@kernel.org>
To: Jan Kara <jack@suse.cz>
Cc: Zhang Zhiyu <zhiyuzhang999@gmail.com>,
reiserfs-devel@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-fsdevel@vger.kernel.org
Subject: Re: A Discussion Request about a maybe-false-positive of UBSAN: OOB Write in do_journal_end in Kernel 6.5-rc3(with POC)
Date: Thu, 10 Aug 2023 21:37:50 -0700 [thread overview]
Message-ID: <20230811043750.GA1934@sol.localdomain> (raw)
In-Reply-To: <20230810051521.GC923@sol.localdomain>
On Wed, Aug 09, 2023 at 10:15:23PM -0700, Eric Biggers wrote:
> On Wed, Aug 09, 2023 at 05:32:07PM +0200, Jan Kara wrote:
> > Improving kernel security is certainly a worthy goal but I have two notes.
> > Firstly, reiserfs is a deprecated filesystem and it will be removed from
> > the kernel in a not so distant future. So it is not very useful to fuzz it
> > because there are practically no users anymore and no developer is
> > interested in fixing those bugs even if you find some. Secondly, please do
> > a better job of reading the code and checking whether your theory is
> > actually valid before filing a CVE (CVE-2023-4205). That's just adding
> > pointless job for everyone... Thanks!
>
> FYI I filled out https://cveform.mitre.org/ to request revocation of this CVE.
>
> - Eric
Just to follow up on this, the CVE has now been "rejected". For future
reference, MITRE had me contact Red Hat since they issued the CVE. So the right
procedure was to email secalert@redhat.com, not fill out the CVE form.
- Eric
prev parent reply other threads:[~2023-08-11 4:37 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <CALf2hKvsXPbRoqEYL8LEBZOFFoZd-puf6VEiLd60+oYy2TaxLg@mail.gmail.com>
2023-08-09 15:32 ` A Discussion Request about a maybe-false-positive of UBSAN: OOB Write in do_journal_end in Kernel 6.5-rc3(with POC) Jan Kara
2023-08-10 5:15 ` Eric Biggers
2023-08-11 4:37 ` Eric Biggers [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230811043750.GA1934@sol.localdomain \
--to=ebiggers@kernel.org \
--cc=jack@suse.cz \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=reiserfs-devel@vger.kernel.org \
--cc=zhiyuzhang999@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).