lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 25 Mar 2015 11:58:46 +0100
From:	Alexander Holler <holler@...oftware.de>
To:	Greg Kroah-Hartman <gregkh@...uxfoundation.org>
CC:	linux-kernel@...r.kernel.org, stable@...r.kernel.org,
	Al Viro <viro@...iv.linux.org.uk>
Subject: Re: [PATCH 3.19 091/123] gadgetfs: use-after-free in ->aio_read()

Am 25.03.2015 um 11:15 schrieb Greg Kroah-Hartman:
> On Wed, Mar 25, 2015 at 10:23:27AM +0100, Alexander Holler wrote:
>> Am 25.03.2015 um 09:33 schrieb Greg Kroah-Hartman:

>>> Is there a specific patch that is in Linus's tree that fixes this issue
>>> that I should be applying to the stable tree?
>>
>> No specific one. The changes of this patch were discarded by other patches
>> in Linus tree which fixed other problems of gadgetfs too.
>>
>> Besides that the solution for this one specific patch is a one-liner, I'll
>> give a short overview:
>>
>> - gadgetfs is already unusable since 3.16 (even with this patch) because
>> (p)read/(p)write doesn't work (fixed with 4.0)
>> - the problem this patch fixes is unlikely to be hit because glibc doesn't
>> use the Linux aio-syscall, but pread/pwrite, which means someone has to use
>> a special lib and not aio(7) to end up at the syscall the patch in question
>> fixes.
>> - there aren't that many users of gadgetfs
>>
>> No idea if you want to apply or backport the whole series found in Al Viros
>> vfs.git/gadgetfs.
>
> As this has been broken since 3.16, and no one has taken the time to fix
> it since then, it's not really an issue here, people can just use 4.0 if
> they want it.

Just a hint I think which should be kept in mind: Debian still uses 
something below 3.16, which very likely is the reason why nobody has hit 
(and examined) these bugs before.

Regards,

Alexander Holler
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ