[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <961720ed43b3df26042efc260d433fb6ddf5c44e.camel@gmail.com>
Date: Thu, 07 Nov 2024 21:17:00 -0800
From: Eduard Zingerman <eddyz87@...il.com>
To: Shung-Hsi Yu <shung-hsi.yu@...e.com>, Andrii Nakryiko
<andrii@...nel.org>, cve@...nel.org
Cc: Tao Lyu <tao.lyu@...l.ch>, Greg Kroah-Hartman
<gregkh@...uxfoundation.org>, linux-kernel@...r.kernel.org
Subject: Re: CVE-2023-52920: bpf: support non-r10 register spill/fill
to/from stack in precision tracking
On Fri, 2024-11-08 at 12:42 +0800, Shung-Hsi Yu wrote:
> Hi Andrii and Eduard,
Hi Shung-Hsi,
> I'm trying to determine the security implication of CVE-2023-52920, or
> more specifically, what does commit 41f6f64e6999 ("bpf: support non-r10
> register spill/fill to/from stack in precision tracking") fix.
> Superficially this looks more like an improvement to the verifier.
It is my understanding as well, that this commit is an optimization to
avoid some precision marks. I do not see any security implications.
Thanks,
Eduard
[...]
Powered by blists - more mailing lists