lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <32e68c66-86e9-483e-a53e-3a7bab5ed387@canonical.com>
Date: Tue, 12 Nov 2024 13:21:58 +0100
From: Agathe Porte <agathe.porte@...onical.com>
To: Greg KH <gregkh@...uxfoundation.org>
Cc: linux-kernel@...r.kernel.org, Jeff Johnson <quic_jjohnson@...cinc.com>,
 Andrew Morton <akpm@...ux-foundation.org>, stable@...r.kernel.org
Subject: Re: [PATCH v2 1/1] ufs: ufs_sb_private_info: remove unused s_{2,3}apb
 fields

On 12/11/2024 13:12, Greg KH wrote:
> On Tue, Nov 12, 2024 at 01:01:54PM +0100, Agathe Porte wrote:
>> These two fields are populated during and stored as a "frequently used
>> value" in ufs_fill_super, but are not used afterwards in the driver.
>>
>> Moreover, one of the shifts triggers UBSAN: shift-out-of-bounds when
>> apbshift is 12 because 12 * 3 = 36 and 1 << 36 does not fit in the 32
>> bit integer used to store the value.
>>
>> Cc: stable@...r.kernel.org
>> Closes: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2087853
> As these values are not used, even if the shift goes off in the wild
> it's not needed to backport this as it's not actually causing any
> problems.  So I'd drop the cc: stable@ please.

OK, sent a v3 that drops the stable cc: 
https://lore.kernel.org/linux-kernel/20241112122000.35610-1-agathe.porte@canonical.com/T/#t

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ