lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 13 May 2024 10:22:21 +0100
From: Sudeep Holla <sudeep.holla@....com>
To: Dominique Martinet <dominique.martinet@...ark-techno.com>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>, stable@...r.kernel.org,
	linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
	Sudeep Holla <sudeep.holla@....com>,
	Cristian Marussi <cristian.marussi@....com>
Subject: Re: [PATCH 5.4 / 5.10] firmware: arm_scmi: Harden accesses to the
 reset domains

On Mon, May 13, 2024 at 09:38:37AM +0900, Dominique Martinet wrote:
> From: Cristian Marussi <cristian.marussi@....com>
>
> [ Upstream commit e9076ffbcaed5da6c182b144ef9f6e24554af268 ]
>
> Accessing reset domains descriptors by the index upon the SCMI drivers
> requests through the SCMI reset operations interface can potentially
> lead to out-of-bound violations if the SCMI driver misbehave.
>
> Add an internal consistency check before any such domains descriptors
> accesses.
>
> Link: https://lore.kernel.org/r/20220817172731.1185305-5-cristian.marussi@arm.com
> Signed-off-by: Cristian Marussi <cristian.marussi@....com>
> Signed-off-by: Sudeep Holla <sudeep.holla@....com>
> Signed-off-by: Dominique Martinet <dominique.martinet@...ark-techno.com>
> ---
> This is the backport I promised for CVE-2022-48655[1]
> [1] https://lkml.kernel.org/r/Zj4t4q_w6gqzdvhz@codewreck.org
>

The backport looks good and thanks for doing that. Sometimes since we
know all the users are in the kernel, we tend to ignore the facts that
they need to be backport as this was considered as theoretical issue when
we pushed the fix. We try to keep that in mind and add fixes tag more
carefully in the future. Thanks for your effort and bring this to our
attention.

--
Regards,
Sudeep

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ