From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Dave Chinner <david@fromorbit.com>
Cc: "Mickaël Salaün" <mic@digikod.net>,
cve@kernel.org, "Günther Noack" <gnoack@google.com>,
linux-security-module@vger.kernel.org,
"Kent Overstreet" <kent.overstreet@linux.dev>,
linux-bcachefs@vger.kernel.org, linux-fsdevel@vger.kernel.org
Subject: Re: CVE-2025-21830: landlock: Handle weird files
Date: Tue, 11 Mar 2025 07:53:16 +0100 [thread overview]
Message-ID: <2025031131-cactus-turbofan-6ad3@gregkh> (raw)
In-Reply-To: <Z8948cR5aka4Cc5g@dread.disaster.area>
On Tue, Mar 11, 2025 at 10:42:41AM +1100, Dave Chinner wrote:
> Greg, you have the ability to issue a CVE that will require
> downstream distros to fix userspace-based vulnerabilities if they
> want various certifications. You have the power to force downstream
> distros to -change their security model policies- for the wider
> good.
>
> We could knock out this whole class of vulnerability in one CVE:
> issue a CVE considering the auto-mounting of untrusted filesystem
> images as a *critical system vulnerability*. This can only be solved
> by changing the distro policies and implementations that allow this
> dangerous behaviour to persist.
I wish we could do that, but remember, we cannot tell people how to use
Linux. We have no "control" over that at all. All we can do is point
out "here is a potential vulnerability, it might be applicable to you,
or you might not, depending on your use case, it's up to you to figure
it out". And we do that by issuing CVEs.
Heck, if we could dictate use, I would issue a "stop using panic on warn
you fools!" CVE right now which would instantly get rid of a huge
percentage of all kernel CVEs out there. Smart users of Linux do
disable that, and so they are not vulnerable to those at all.
Remember, we issue, on average, 11-13 CVEs a day; here are our most recent
numbers:
=== CVEs Published in Last 6 Months ===
October 2024: 427 CVEs
November 2024: 280 CVEs
December 2024: 358 CVEs
January 2025: 234 CVEs
February 2025: 929 CVEs
March 2025: 56 CVEs
=== Overall Averages ===
Average CVEs per month: 415.99
Average CVEs per week: 95.64
Average CVEs per day: 13.66
So don't get all worried about individual CVEs, unless you all think
they are not valid at all, which we are glad to revoke.
> At worst, this makes the reason you give for filesystem corruption
> issues being considered CVE worthy go away completely.
Filesystem corruption or data loss is not considered a vulnerability by
cve.org, so we do not track them at this point in time. However, other
groups' requirements might require this in the future, so this might
change (i.e. the CRA law in Europe).
thanks,
greg k-h