On Sun, 2014-04-06 at 13:00 +0000, Mathieu Desnoyers wrote: > ----- Original Message ----- > > From: "Ben Hutchings" <ben@xxxxxxxxxxxxxxx> > > To: "Mathieu Desnoyers" <mathieu.desnoyers@xxxxxxxxxxxx>, "Luis Henriques" <luis.henriques@xxxxxxxxxxxxx>, "Kamal > > Mostafa" <kamal@xxxxxxxxxxxxx>, "Greg Kroah-Hartman" <gregkh@xxxxxxxxxxxxxxxxxxx> > > Cc: "stable" <stable@xxxxxxxxxxxxxxx> > > Sent: Saturday, April 5, 2014 7:37:57 PM > > Subject: Stable backport of "kernel-wide: fix missing validations on __get/__put/__copy_to/__copy_from_user()" > > > > I noticed that commit 0ef38d70d411 ("alpha: fix broken network > > checksum") was included in Linux 3.2.56, 3.5.7.30 and 3.8.13.18, but it > > was supposed to fix a regression in 3.12 that does not obviously affect > > these stable branches. > > > > That regression was introduced by commit 3ddc5b46a8e9 ("kernel-wide: fix > > missing validations on __get/__put/__copy_to/__copy_from_user()") which > > hasn't been applied to any stable branch. But it seems like it should > > be, along with the follow-up fixes. What do you think? > > Hi Ben, > > The part of the patch that fixes an information leak on alpha would be > relevant for stable, although hard to exploit since it leaks a checksum. > For the other __get_user/__put_user fixes, I don't think they really matter > for stable releases from a security standpoint, since they are in 32-bit > compatibility code, and are therefore theoretically not exploitable > (famous last words...) ;) > > However, the error-prone code pattern, if copied into a non-32-bit compat > code path, would be a security issue. This is why I submitted this fix > for 3.12. > > So applying commits 3ddc5b46a8e9 and 0ef38d70d411 to stable would not > hurt, but there is no "very strong" incentive to apply them from a > security standpoint IMHO. Thanks for your advice. I'll revert the alpha change for 3.2. Ben. -- Ben Hutchings Q. Which is the greater problem in the world today, ignorance or apathy? A. I don't know and I couldn't care less.
Attachment:
signature.asc
Description: This is a digitally signed message part