| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 20 May 2024 17:04:55 +1000
From: Michael Ellerman <mpe@...erman.id.au>
To: cve@...nel.org, linux-kernel@...r.kernel.org,
linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
linuxppc-dev@...ts.ozlabs.org, Geoff Levand <geoff@...radead.org>
Subject: Re: CVE-2023-52665: powerpc/ps3_defconfig: Disable
PPC64_BIG_ENDIAN_ELF_ABI_V2
Greg Kroah-Hartman <gregkh@...uxfoundation.org> writes:
> Description
> ===========
>
> In the Linux kernel, the following vulnerability has been resolved:
>
> powerpc/ps3_defconfig: Disable PPC64_BIG_ENDIAN_ELF_ABI_V2
>
> Commit 8c5fa3b5c4df ("powerpc/64: Make ELFv2 the default for big-endian
> builds"), merged in Linux-6.5-rc1 changes the calling ABI in a way
> that is incompatible with the current code for the PS3's LV1 hypervisor
> calls.
>
> This change just adds the line '# CONFIG_PPC64_BIG_ENDIAN_ELF_ABI_V2 is not set'
> to the ps3_defconfig file so that the PPC64_ELF_ABI_V1 is used.
>
> Fixes run time errors like these:
>
> BUG: Kernel NULL pointer dereference at 0x00000000
> Faulting instruction address: 0xc000000000047cf0
> Oops: Kernel access of bad area, sig: 11 [#1]
> Call Trace:
> [c0000000023039e0] [c00000000100ebfc] ps3_create_spu+0xc4/0x2b0 (unreliable)
> [c000000002303ab0] [c00000000100d4c4] create_spu+0xcc/0x3c4
> [c000000002303b40] [c00000000100eae4] ps3_enumerate_spus+0xa4/0xf8
>
> The Linux kernel CVE team has assigned CVE-2023-52665 to this issue.
IMHO this doesn't warrant a CVE. The crash mentioned above happens at
boot, so the system is not vulnerable it's just broken :)
cheers
Powered by blists - more mailing lists