| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2024081513-aware-tutor-e119@gregkh> Date: Thu, 15 Aug 2024 10:41:15 +0200 From: "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org> To: Joel Selvaraj <joelselvaraj.oss@...il.com> Cc: "srinivas.kandagatla@...aro.org" <srinivas.kandagatla@...aro.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Ekansh Gupta <quic_ekangupt@...cinc.com>, stable <stable@...nel.org>, Dmitry Baryshkov <dmitry.baryshkov@...aro.org> Subject: Re: [PATCH 6/6] misc: fastrpc: Restrict untrusted app to attach to privileged PD On Thu, Aug 15, 2024 at 03:35:13AM -0500, Joel Selvaraj wrote: > Hi greg k-h, > > The git commit id is: bab2f5e8fd5d2f759db26b78d9db57412888f187 > > But I am bit hesitant if we should revert it because there is a CVE attached > to it: https://ubuntu.com/security/CVE-2024-41024 Not an issue if it is breaking things, let's get it right. We can trivially reject that CVE if needed. > Also, I am ok with changing userspace if it's necessary. It would be nice if > the authors can clarify the ideal fix here. No, userspace should not break, that's not ok at all. I'll get someone to revert this later today, thanks! greg k-h
Powered by blists - more mailing lists