| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <9758e4bb-fe54-4659-9348-df0d404af35b@gmail.com> Date: Thu, 15 Aug 2024 05:16:10 -0500 From: Joel Selvaraj <joelselvaraj.oss@...il.com> To: "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org> Cc: "srinivas.kandagatla@...aro.org" <srinivas.kandagatla@...aro.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Ekansh Gupta <quic_ekangupt@...cinc.com>, stable <stable@...nel.org>, Dmitry Baryshkov <dmitry.baryshkov@...aro.org> Subject: Re: [PATCH 6/6] misc: fastrpc: Restrict untrusted app to attach to privileged PD On 8/15/24 05:02, gregkh@...uxfoundation.org wrote: > On Thu, Aug 15, 2024 at 10:41:15AM +0200, gregkh@...uxfoundation.org wrote: >> On Thu, Aug 15, 2024 at 03:35:13AM -0500, Joel Selvaraj wrote: >>> Hi greg k-h, >>> >>> The git commit id is: bab2f5e8fd5d2f759db26b78d9db57412888f187 >>> >>> But I am bit hesitant if we should revert it because there is a CVE attached >>> to it: https://ubuntu.com/security/CVE-2024-41024 >> >> Not an issue if it is breaking things, let's get it right. We can >> trivially reject that CVE if needed. >> >>> Also, I am ok with changing userspace if it's necessary. It would be nice if >>> the authors can clarify the ideal fix here. >> >> No, userspace should not break, that's not ok at all. I'll get someone >> to revert this later today, thanks! > > Now sent: > https://lore.kernel.org/r/20240815094920.8242-1-griffin@kroah.com > > I'll queue this up later today. Thanks! Joel Selvaraj > thanks, > > greg k-h
Powered by blists - more mailing lists