lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <67d3e5e1-57be-590d-f925-47b49442a67e@google.com>
Date:   Thu, 13 Apr 2023 16:58:55 -0700 (PDT)
From:   David Rientjes <rientjes@...gle.com>
To:     Yang Shi <shy828301@...il.com>, willemb@...gle.com
cc:     David Hildenbrand <david@...hat.com>,
        Vlastimil Babka <vbabka@...e.cz>,
        kirill.shutemov@...ux.intel.com, jannh@...gle.com,
        Matthew Wilcox <willy@...radead.org>,
        Andrew Morton <akpm@...ux-foundation.org>, linux-mm@...ck.org,
        linux-kernel@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [v4 PATCH] fs/proc: task_mmu.c: don't read mapcount for migration
 entry

On Mon, 3 Apr 2023, Yang Shi wrote:

> On Mon, Apr 3, 2023 at 12:30 AM David Hildenbrand <david@...hat.com> wrote:
> >
> > On 24.03.23 21:12, Yang Shi wrote:
> > > On Fri, Mar 24, 2023 at 4:25 AM Vlastimil Babka <vbabka@...e.cz> wrote:
> > >>
> > >> On 3/23/23 21:45, Yang Shi wrote:
> > >>> On Thu, Mar 23, 2023 at 3:11 AM Vlastimil Babka <vbabka@...e.cz> wrote:
> > >>>
> > >>> Out of curiosity, is there any public link for this CVE? Google search
> > >>> can't find it.
> > >>
> > >> Only this one is live so far, AFAIK
> > >>
> > >> https://bugzilla.redhat.com/show_bug.cgi?id=2180936
> > >
> > > Thank you.
> >
> > There is now
> >
> > https://access.redhat.com/security/cve/cve-2023-1582
> 
> Thank you.
> 

Hi Yang,

commit 24d7275ce2791829953ed4e72f68277ceb2571c6
Author: Yang Shi <shy828301@...il.com>
Date:   Fri Feb 11 16:32:26 2022 -0800

    fs/proc: task_mmu.c: don't read mapcount for migration entry

is backported to 5.10 stable but not to 5.4 or earlier stable trees.  The 
commit advertises to fix a commit from 4.5.

Do we need stable backports for earlier trees or are they not affected?

Thanks!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ