Message-ID: <2024083005-casualty-earmark-4d57@gregkh>
Date: Fri, 30 Aug 2024 12:44:45 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: Willem de Bruijn <willemb@...gle.com>
Cc: Michal Koutný <mkoutny@...e.com>, cve@...nel.org,
	linux-kernel@...r.kernel.org, Tao Liu <thomas.liu@...oud.cn>
Subject: Re: CVE-2022-48936: gso: do not skip outer ip header in case of ipip
 and net_failover

On Thu, Aug 29, 2024 at 01:07:36PM -0400, Willem de Bruijn wrote:
> On Thu, Aug 29, 2024 at 12:58 PM Greg Kroah-Hartman
> <gregkh@...uxfoundation.org> wrote:
> >
> > On Thu, Aug 29, 2024 at 12:53:34PM -0400, Willem de Bruijn wrote:
> > > On Thu, Aug 29, 2024 at 12:18 PM Michal Koutný <mkoutny@...e.com> wrote:
> > > >
> > > > On Wed, Aug 28, 2024 at 09:30:08AM GMT, Greg Kroah-Hartman <gregkh@...uxfoundation.org> wrote:
> > > > > > What is the security issue here?
> > > > >
> > > > > This was assigned as part of the import of the Linux kernel GSD entries
> > > > > into CVEs as required by the CVE board of directors (hence the 2022
> > > > > date).  If you don't feel this should be assigned a CVE, just let me
> > > > > know and I will be glad to reject it.
> > > >
> > > > The address of original author bounces back. Willem, could you please
> > > > help explaining context of the change? (~the questions in my previous
> > > > message).
> > >
> > > I don't know why this has a CVE.
> > >
> > > The patch reports that the negative effect is a drop due to a corrupted packet.
> > >
> > > According to the CVE report this requires both user input with
> > > virtio_net_hdr, which is privileged, and a tunnel device configured,
> > > which again is privileged.
> > >
> >
> > Ok, should it be rejected then?  If so, just let me know.
> 
> It is a legitimate bug fix, definitely stable material.
> 
> With the fix backported to all these branches, not sure what, if
> anything, more is needed wrt the CVE.

Ok, for now I'll go revoke this as that feels the safest thing to do at
the moment.

The "frankenkernel" distros can decide if they want to pick this up or
not, everyone sane has had it for years now :)

thanks,

greg k-h
