| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aUFEk8QPIAIEHcsF@horms.kernel.org> Date: Tue, 16 Dec 2025 11:37:55 +0000 From: Simon Horman <horms@...nel.org> To: bestswngs@...il.com Cc: security@...nel.org, davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, xmei5@....edu Subject: Re: [PATCH net v4] net: skbuff: add usercopy region to skbuff_fclone_cache On Tue, Dec 16, 2025 at 04:44:53PM +0800, bestswngs@...il.com wrote: > From: Weiming Shi <bestswngs@...il.com> > > skbuff_fclone_cache was created without defining a usercopy region, [1] > unlike skbuff_head_cache which properly whitelists the cb[] field. [2] > This causes a usercopy BUG() when CONFIG_HARDENED_USERCOPY is enabled > and the kernel attempts to copy sk_buff.cb data to userspace via > sock_recv_errqueue() -> put_cmsg(). ... Hi Weiming Shi, Please slow down. When posting patches to the Netdev ML please allow 24h to 24h should elapse between versions. This is to allow time for review. And reduce load on shared CI infrastructure. See: https://docs.kernel.org/process/maintainer-netdev.html Also, I do not believe it is appropriate to involve security@...nel.org in reports that are made public. As there is nothing left for the security officers to do. See: - https://lore.kernel.org/netdev/CANn89i+3_50FX1RWutvipTMROD3FnK-nBeG4L+br86W85fzRdQ@mail.gmail.com/ - https://www.kernel.org/doc/Documentation/process/security-bugs.rst Thanks!
Powered by blists - more mailing lists