| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2024081531-vision-broadness-daca@gregkh> Date: Thu, 15 Aug 2024 12:02:45 +0200 From: "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org> To: Joel Selvaraj <joelselvaraj.oss@...il.com> Cc: "srinivas.kandagatla@...aro.org" <srinivas.kandagatla@...aro.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Ekansh Gupta <quic_ekangupt@...cinc.com>, stable <stable@...nel.org>, Dmitry Baryshkov <dmitry.baryshkov@...aro.org> Subject: Re: [PATCH 6/6] misc: fastrpc: Restrict untrusted app to attach to privileged PD On Thu, Aug 15, 2024 at 10:41:15AM +0200, gregkh@...uxfoundation.org wrote: > On Thu, Aug 15, 2024 at 03:35:13AM -0500, Joel Selvaraj wrote: > > Hi greg k-h, > > > > The git commit id is: bab2f5e8fd5d2f759db26b78d9db57412888f187 > > > > But I am bit hesitant if we should revert it because there is a CVE attached > > to it: https://ubuntu.com/security/CVE-2024-41024 > > Not an issue if it is breaking things, let's get it right. We can > trivially reject that CVE if needed. > > > Also, I am ok with changing userspace if it's necessary. It would be nice if > > the authors can clarify the ideal fix here. > > No, userspace should not break, that's not ok at all. I'll get someone > to revert this later today, thanks! Now sent: https://lore.kernel.org/r/20240815094920.8242-1-griffin@kroah.com I'll queue this up later today. thanks, greg k-h
Powered by blists - more mailing lists