From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Jiri Kosina <jikos@kernel.org>
Cc: Sasha Levin <sashal@kernel.org>, Michal Hocko <mhocko@suse.com>,
Kees Cook <keescook@chromium.org>,
cve@kernel.org, linux-kernel@vger.kernel.org
Subject: Re: CVE-2023-52451: powerpc/pseries/memhp: Fix access beyond end of drmem array
Date: Thu, 29 Feb 2024 19:32:21 +0100 [thread overview]
Message-ID: <2024022905-pester-emphatic-9ff0@gregkh> (raw)
In-Reply-To: <nycvar.YFH.7.76.2402291824020.13421@cbobk.fhfr.pm>
On Thu, Feb 29, 2024 at 06:36:08PM +0100, Jiri Kosina wrote:
> On Thu, 29 Feb 2024, Jiri Kosina wrote:
>
> > - you pointed to a fix for UAF in BPF, which definitely is a good fix to
> > have, I don't even dispute that CVE is justified in this particular
> > case. What I haven't yet seen though how this connects to in my view
> > rather serious 'trivial to get root' statement
>
> To elaborate on this a little bit more -- I completely agree that this fix
> is completely in-line with what Kees is, in my view, quite nicely
> describing at [1]. You pointed to a weakness (for which a fix *is* in our
> queue), sure.
>
> But I see a HUGE leap from "fixes a weakness" to bold, aggressive and in
> my view exaggerating statements a-la "I am able to trivially pwn any
> kernel which is not -stable".
{sigh}
I do not mean _any_ enterprise kernel, I said "most", some I did not
find any problems with at all that I could tell. This was true the last
time I did this exercise about 9 or so months ago for a presentation,
and hey, it might have changed since then, I sure hope so for everyone's
sake.
Sorry, I will NOT say what distros I did, or did not, find vunerable.
That's not my place to say here in public for obvious reasons, but I'm
more than willing to discuss it over drinks in-person anytime.
thanks,
greg k-h
next prev parent reply other threads:[~2024-02-29 18:32 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <2024022257-CVE-2023-52451-7bdb@gregkh>
2024-02-26 14:52 ` CVE-2023-52451: powerpc/pseries/memhp: Fix access beyond end of drmem array Michal Hocko
2024-02-26 15:06 ` Greg Kroah-Hartman
2024-02-26 15:25 ` Michal Hocko
2024-02-26 16:12 ` Greg Kroah-Hartman
2024-02-26 16:36 ` Michal Hocko
2024-02-27 5:14 ` Greg Kroah-Hartman
2024-02-27 8:51 ` Michal Hocko
2024-03-03 12:02 ` Michael Ellerman
2024-02-27 9:53 ` Jiri Kosina
2024-02-27 18:35 ` Kees Cook
2024-02-28 12:04 ` Michal Hocko
2024-02-28 17:12 ` Kees Cook
2024-02-29 8:22 ` Michal Hocko
2024-02-29 8:35 ` Greg Kroah-Hartman
2024-02-29 9:41 ` Michal Hocko
2024-02-29 14:18 ` Greg Kroah-Hartman
2024-02-29 15:08 ` Kees Cook
2024-02-29 17:36 ` Michal Hocko
2024-02-29 15:09 ` Jiri Kosina
2024-02-29 16:09 ` Sasha Levin
2024-02-29 17:11 ` Jiri Kosina
2024-02-29 17:36 ` Jiri Kosina
2024-02-29 18:32 ` Greg Kroah-Hartman [this message]
2024-02-29 17:38 ` Sasha Levin
2024-02-29 10:03 ` Pavel Machek
2024-02-29 10:00 ` Pavel Machek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2024022905-pester-emphatic-9ff0@gregkh \
--to=gregkh@linuxfoundation.org \
--cc=cve@kernel.org \
--cc=jikos@kernel.org \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mhocko@suse.com \
--cc=sashal@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox