Re: ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 05/15/2018 10:36 AM, Schmauss, Erik wrote:
But I'm going to push back on this.  The kernel security team said
something like "this is crazy, if you control ACPI tables you have
bigger problems" when this bug was reported and told the developer
to just submit this as a normal code cleanup.

Granting this a CVE was, in my opinion, a total mistake as well.
This doesn't fix any "real" problem that anyone can hit in the wild
from what I can tell.  And again, if you can modify ACPI tables,
there are much bigger problems you can cause on the hardware.
Agreed. Could we somehow close this CVE?
Please do, you can submit a request for it to be rejected on the main CVE site
somewhere.  I've done it once in the past.
Ok. I'll do this.

Thanks!

Please do the same for CVE-2017-13694 (not in Linus' tree) as well as this one CVE-2017-13695 (in Linus' tree) as they are both associated with crafted ACPI tables.

I am rescinding my request to have these in stable for security concerns.

If the AML is correct, it's fine. Almost all OEMs use ASL compilers like iASL to ensure
correctness of ASL/AML.
That probably is enough to push back on stable, really an academic defence in depth measure.

This patch might be nice to have for when users wish to alter their ACPI tables by hand
and those altered ACPI tables cause this memory leak. If you wish to account for
memory leaks that result from these hand-crafted AML files, then you should add this
patch. Otherwise, it's not necessary.
Linus' tree has this, should deal with those advanced developers/users that wish to alter their ACPI tables by hand? The leak is probably a smaller issue than what can happen if someone decides to adjust them by hand ;-}


-- Mark





[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux