----- Original Message ----- > From: "Ben Hutchings" <[email protected]> > To: "Mathieu Desnoyers" <[email protected]>, "Luis Henriques" > <[email protected]>, "Kamal > Mostafa" <[email protected]>, "Greg Kroah-Hartman" > <[email protected]> > Cc: "stable" <[email protected]> > Sent: Saturday, April 5, 2014 7:37:57 PM > Subject: Stable backport of "kernel-wide: fix missing validations on > __get/__put/__copy_to/__copy_from_user()" > > I noticed that commit 0ef38d70d411 ("alpha: fix broken network > checksum") was included in Linux 3.2.56, 3.5.7.30 and 3.8.13.18, but it > was supposed to fix a regression in 3.12 that does not obviously affect > these stable branches. > > That regression was introduced by commit 3ddc5b46a8e9 ("kernel-wide: fix > missing validations on __get/__put/__copy_to/__copy_from_user()") which > hasn't been applied to any stable branch. But it seems like it should > be, along with the follow-up fixes. What do you think?
Hi Ben, The part of the patch that fixes an information leak on alpha would be relevant for stable, although hard to exploit since it leaks a checksum. For the other __get_user/__put_user fixes, I don't think they really matter for stable releases from a security standpoint, since they are in 32-bit compatibility code, and are therefore theoretically not exploitable (famous last words...) ;) However, the error-prone code pattern, if copied into a non-32-bit compat code path, would be a security issue. This is why I submitted this fix for 3.12. So applying commits 3ddc5b46a8e9 and 0ef38d70d411 to stable would not hurt, but there is no "very strong" incentive to apply them from a security standpoint IMHO. Thanks, Mathieu > > Ben. > > -- > Ben Hutchings > I say we take off; nuke the site from orbit. It's the only way to be sure. > -- Mathieu Desnoyers EfficiOS Inc. http://www.efficios.com -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
