From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-owner@vger.kernel.org>
Received: from mail.kernel.org ([198.145.29.99]:51074 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726260AbeLQXcq (ORCPT <rfc822;stable@vger.kernel.org>);
        Mon, 17 Dec 2018 18:32:46 -0500
Date: Mon, 17 Dec 2018 18:32:44 -0500
From: Sasha Levin <sashal@kernel.org>
To: Ben Hutchings <ben.hutchings@codethink.co.uk>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Sasha Levin <Alexander.Levin@microsoft.com>,
        stable <stable@vger.kernel.org>
Subject: Re: [stable] timer/debug: Change /proc/timer_list from 0444 to 0400
Message-ID: <20181217233244.GV2746@sasha-vm>
References: <1545084063.19315.130.camel@codethink.co.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1; format=flowed
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <1545084063.19315.130.camel@codethink.co.uk>
Sender: stable-owner@vger.kernel.org
List-ID: <stable.vger.kernel.org>

On Mon, Dec 17, 2018 at 10:01:03PM +0000, Ben Hutchings wrote:
>Please pick this commit for 4.14 and older stable branches:
>
>commit 8e7df2b5b7f245c9bd11064712db5cb69044a362
>Author: Ingo Molnar <mingo@kernel.org>
>Date:���Mon Nov 13 07:15:41 2017 +0100
>
>����timer/debug: Change /proc/timer_list from 0444 to 0400
>
>In older kernel versions this file makes it far too easy to exploit
>arbitrary-write bugs.  It's possible to hide the pointers from
>unprivileged users by setting the kernel.kptr_restrict sysctl, but that
>wasn't done by default.
>
>(Upstream commits c1eba5bcb643 "timer: Pass timer_list pointer to
>callbacks unconditionally" and ad67b74d2469 "printk: hash addresses
>printed with %p" provide more general mitigations, but don't seem to be
>suitable for stable.)

I've queued 8e7df2b5b7f2 for <=4.14, thank you.

--
Thanks,
Sasha