lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20250103091906.GD1977892@ZenIV>
Date: Fri, 3 Jan 2025 09:19:06 +0000
From: Al Viro <viro@...iv.linux.org.uk>
To: cheung wall <zzqq0103.hey@...il.com>
Cc: Christian Brauner <brauner@...nel.org>, Jan Kara <jack@...e.cz>,
	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: "WARNING in max_vclocks_store" in Linux kernel version 6.13.0-rc2

On Fri, Jan 03, 2025 at 04:19:35PM +0800, cheung wall wrote:
> Hello,
> 
> I am writing to report a potential vulnerability identified in the
> Linux Kernel version 6.13.0-rc2. This issue was discovered using our
> custom vulnerability discovery tool.
>
> HEAD commit: fac04efc5c793dccbd07e2d59af9f90b7fc0dca4 (tag: v6.13-rc2)
> 
> Detailed Call Stack:

Out of curiosity, what would you expect any of us to be able to do with that
information, given that we
	* have no information about that tool of yours
	* have no idea how to interpret those call chains
	* have no way to compare those for different commits
etc?

Seriously, step back and imagine somebody with zero information about your tool
staring at the email you've sent.

Al, completely bewildered...

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ