Message-ID: <CAOV16XGffTEP4JUsm4hZW5YuOFtCk6_Yu0B9QeMKWb_BLH3KHw@mail.gmail.com>
Date: Wed, 7 Aug 2024 09:56:21 +0800
From: color Ice <wirelessdonghack@...il.com>
To: Alan Stern <stern@...land.harvard.edu>
Cc: gregkh@...uxfoundation.org, kvalo@...nel.org, linux-kernel@...r.kernel.org, 
	linux-usb@...r.kernel.org, linux-wireless@...r.kernel.org, 
	mark.esler@...onical.com, stf_xl@...pl
Subject: Re: Ubuntu RT2X00 WIFI USB Driver Kernel NULL pointer
 Dereference&Use-After-Free Vulnerability

Dear Alan,

Thank you for your response. Yes, I am able to test patches. Please
provide the necessary patches, and I will conduct the tests to verify
their effectiveness.

Best regards,

Alan Stern <stern@...land.harvard.edu> wrote on Wed, Aug 7, 2024 at 02:36:
>
> On Wed, Aug 07, 2024 at 12:47:26AM +0800, color Ice wrote:
> > Hi,
> >
> > I'm glad that you can address this issue. I believe that this is indeed a
> > vulnerability because the issue is caused by the rt2x00 driver's failure to
> > properly shut down its async queues. While it requires sudo to execute, it
> > is still a problem as it can trigger a kernel system exception. We can
> > imagine that this vulnerability could be executed without root permissions
> > in certain scenarios. For instance, in many embedded systems, configuring
> > udev rules might be necessary to ensure automated operations, and in such
> > scenarios, it can be triggered without root permissions.
> >
> > Therefore, I believe that from a vulnerability perspective, it should
> > indeed be eligible for a CVE, as it can be fixed and it is indeed a flaw.
> > If this vulnerability is not addressed, future driver processing and
> > adaptation may encounter robustness and security issues. I believe security
> > issues should be handled with the corresponding seriousness.
> >
> > Thank you.
>
> You didn't answer my question.  Are you able to test patches?
>
> Alan Stern
