* Re: CVE-2024-47725: dm-verity: restart or panic on an I/O error
[not found] <2024102104-CVE-2024-47725-f698@gregkh>
@ 2024-10-23 1:37 ` Li Lingfeng
2024-10-23 6:07 ` Greg Kroah-Hartman
0 siblings, 1 reply; 2+ messages in thread
From: Li Lingfeng @ 2024-10-23 1:37 UTC (permalink / raw)
To: cve, linux-kernel, linux-cve-announce
Cc: Greg Kroah-Hartman, Mikulas Patocka, yangerkun, yukuai (C),
zhangyi (F), Hou Tao, chengzhihao1, zhangerying
Hi
I noticed that the fix patch for this CVE has been reverted by commit
462763212dd7("Revert: "dm-verity: restart or panic on an I/O error"").
So should this CVE also be rejected?
Thanks
在 2024/10/21 20:16, Greg Kroah-Hartman 写道:
> Description
> ===========
>
> In the Linux kernel, the following vulnerability has been resolved:
>
> dm-verity: restart or panic on an I/O error
>
> Maxim Suhanov reported that dm-verity doesn't crash if an I/O error
> happens. In theory, this could be used to subvert security, because an
> attacker can create sectors that return error with the Write Uncorrectable
> command. Some programs may misbehave if they have to deal with EIO.
>
> This commit fixes dm-verity, so that if "panic_on_corruption" or
> "restart_on_corruption" was specified and an I/O error happens, the
> machine will panic or restart.
>
> This commit also changes kernel_restart to emergency_restart -
> kernel_restart calls reboot notifiers and these reboot notifiers may wait
> for the bio that failed. emergency_restart doesn't call the notifiers.
>
> The Linux kernel CVE team has assigned CVE-2024-47725 to this issue.
>
>
> Affected and fixed versions
> ===========================
>
> Fixed in 6.6.54 with commit cada2646b748
> Fixed in 6.10.13 with commit b332bcca5914
> Fixed in 6.11.2 with commit 338b32a232bb
> Fixed in 6.12-rc1 with commit e6a3531dd542
>
> Please see https://www.kernel.org for a full list of currently supported
> kernel versions by the kernel community.
>
> Unaffected versions might change over time as fixes are backported to
> older supported kernel versions. The official CVE entry at
> https://cve.org/CVERecord/?id=CVE-2024-47725
> will be updated if fixes are backported, please check that for the most
> up to date information about this issue.
>
>
> Affected files
> ==============
>
> The file(s) affected by this issue are:
> drivers/md/dm-verity-target.c
>
>
> Mitigation
> ==========
>
> The Linux kernel CVE team recommends that you update to the latest
> stable kernel version for this, and many other bugfixes. Individual
> changes are never tested alone, but rather are part of a larger kernel
> release. Cherry-picking individual commits is not recommended or
> supported by the Linux kernel community at all. If however, updating to
> the latest release is impossible, the individual changes to resolve this
> issue can be found at these commits:
> https://git.kernel.org/stable/c/cada2646b7483cce370eb3b046659df31d9d34d1
> https://git.kernel.org/stable/c/b332bcca59143cfdd000957f8b78c28dd2ac1da4
> https://git.kernel.org/stable/c/338b32a232bbee39e52dd1486cbc0c9f458d4d69
> https://git.kernel.org/stable/c/e6a3531dd542cb127c8de32ab1e54a48ae19962b
^ permalink raw reply [flat|nested] 2+ messages in thread