*** This bug is a security vulnerability ***
Private security bug reported:
[Impact]
adjust_ptr_min_max_vals will allow a pointer arithmetic with any value, but set
the register to a SCALAR, preventing further pointer operations, leading to a
pointer leak, aka, KASLR leak.
[Potential regression]
Any potential fixes will change the verifier, which means that some BPF code
that was previously allowed may be prevented to load. It may also lead to other
code being allowed that leads to other vulnerabilities.
[Test case]
Use a privately shared code to test it.
** Affects: linux (Ubuntu)
Importance: Undecided
Status: New
** Information type changed from Public to Private Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1954904
Title:
bpf pointer tainted kaslr leak
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1954904/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
