| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2024121711-appetite-monsoon-eed6@gregkh>
Date: Tue, 17 Dec 2024 19:24:35 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: Salvatore Bonaccorso <carnil@...ian.org>
Cc: cve@...nel.org, linux-kernel@...r.kernel.org,
linux-cve-announce@...r.kernel.org
Subject: Re: CVE-2024-53144: Bluetooth: hci_event: Align BR/EDR JUST_WORKS
paring with LE
On Tue, Dec 17, 2024 at 06:07:40PM +0100, Salvatore Bonaccorso wrote:
> Hi Greg,
>
> On Tue, Dec 17, 2024 at 04:55:10PM +0100, Greg Kroah-Hartman wrote:
> > Description
> > ===========
> >
> > In the Linux kernel, the following vulnerability has been resolved:
> >
> > Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE
> >
> > This aligned BR/EDR JUST_WORKS method with LE which since 92516cd97fd4
> > ("Bluetooth: Always request for user confirmation for Just Works")
> > always request user confirmation with confirm_hint set since the
> > likes of bluetoothd have dedicated policy around JUST_WORKS method
> > (e.g. main.conf:JustWorksRepairing).
> >
> > CVE: CVE-2024-8805
> >
> > The Linux kernel CVE team has assigned CVE-2024-53144 to this issue.
> >
> >
> > Affected and fixed versions
> > ===========================
> >
> > Issue introduced in 3.16 with commit ba15a58b179e and fixed in 6.1.113 with commit d17c631ba04e
> > Issue introduced in 3.16 with commit ba15a58b179e and fixed in 6.6.55 with commit 830c03e58beb
> > Issue introduced in 3.16 with commit ba15a58b179e and fixed in 6.10.14 with commit ad7adfb95f64
> > Issue introduced in 3.16 with commit ba15a58b179e and fixed in 6.11.3 with commit 5291ff856d2c
> > Issue introduced in 3.16 with commit ba15a58b179e and fixed in 6.12 with commit b25e11f978b6
> > Issue introduced in 3.2.61 with commit 373d1dfcffc6
> > Issue introduced in 3.4.98 with commit bc96ff59b2f1
> > Issue introduced in 3.10.48 with commit 6ab84785311d
> > Issue introduced in 3.12.25 with commit 778763287ded
> > Issue introduced in 3.14.12 with commit 9a5fcacabde0
> > Issue introduced in 3.15.5 with commit 039da39a6161
> >
> > Please see https://www.kernel.org for a full list of currently supported
> > kernel versions by the kernel community.
> >
> > Unaffected versions might change over time as fixes are backported to
> > older supported kernel versions. The official CVE entry at
> > https://cve.org/CVERecord/?id=CVE-2024-53144
> > will be updated if fixes are backported, please check that for the most
> > up to date information about this issue.
> >
> >
> > Affected files
> > ==============
> >
> > The file(s) affected by this issue are:
> > net/bluetooth/hci_event.c
> >
> >
> > Mitigation
> > ==========
> >
> > The Linux kernel CVE team recommends that you update to the latest
> > stable kernel version for this, and many other bugfixes. Individual
> > changes are never tested alone, but rather are part of a larger kernel
> > release. Cherry-picking individual commits is not recommended or
> > supported by the Linux kernel community at all. If however, updating to
> > the latest release is impossible, the individual changes to resolve this
> > issue can be found at these commits:
> > https://git.kernel.org/stable/c/d17c631ba04e960eb6f8728b10d585de20ac4f71
> > https://git.kernel.org/stable/c/830c03e58beb70b99349760f822e505ecb4eeb7e
> > https://git.kernel.org/stable/c/ad7adfb95f64a761e4784381e47bee1a362eb30d
> > https://git.kernel.org/stable/c/5291ff856d2c5177b4fe9c18828312be30213193
> > https://git.kernel.org/stable/c/b25e11f978b63cb7857890edb3a698599cddb10e
>
> I asume that https://www.zerodayinitiative.com/advisories/ZDI-24-1229/
> back then which has referenced CVE-2024-8805 is cosindered invalid
> right?
>
> Cc'ing zdi@...ndmicro.com
Yes, ZDI has been asked to reject the CVE that they created against the
Linux project, as they are not allowed to do that.
thanks,
greg k-h
Powered by blists - more mailing lists