Re: [PATCH v2] dlm: fix buffer overflow from negative len in dlm_search_rsb_tree

Next message: David Woodhouse: "[RFC] KVM/x86: Killing kvm_get_time_and_clockread() in favour of ktime_get_snapshot()"
Previous message: Jani Nikula: "Re: [PATCH v3 4/4] drm/scdc-helper: Implement parsing and printing HDMI 2.1 fields"
In reply to: Alexander Aring: "Re: [PATCH v2] dlm: fix buffer overflow from negative len in dlm_search_rsb_tree"
Next in thread: Greg KH: "Re: [PATCH v2] dlm: fix buffer overflow from negative len in dlm_search_rsb_tree"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Alexander Aring

Date: Tue May 26 2026 - 10:05:13 EST

Hi,

On Mon, May 25, 2026 at 1:39 PM Alexander Aring <aahringo@xxxxxxxxxx> wrote:
>
> Hi,
>
> On Mon, May 25, 2026 at 10:27 AM Alexander Aring <aahringo@xxxxxxxxxx> wrote:
> >
> > Hi,
> >
> > On Sat, May 16, 2026 at 10:03 PM Joseph Qi <joseph.qi@xxxxxxxxxxxxxxxxx> wrote:
> > >
> > > commit 080e5563f878 only checks for len > DLM_RESNAME_MAXLEN, which does
> >
> > check with checkpath, it reports an error regarding how this commit
> > reference is done.
> >
>
> This also addresses CVE-2026-43125 [0].
>
> - Alex
>
> [0] https://lore.kernel.org/linux-cve-announce/2026050619-CVE-2026-43125-c9f9@gregkh/

cc the right folks cve@xxxxxxxxxx as described in the kernel documentation.

There is another patch required for CVE-2026-43125 [0].

Joseph I think for v3 you should cc also cve@xxxxxxxxxx and mention
this in your commit msg.

Thanks.

- Alex

[0] https://lore.kernel.org/gfs2/20260517020315.1064253-1-joseph.qi@xxxxxxxxxxxxxxxxx/