Re: [PATCH v2] dlm: fix buffer overflow from negative len in dlm_search_rsb_tree

Next message: Jakub Kicinski: "Re: [PATCH net] octeontx2-af: cn10k: restrict LMTLINE sharing to same PF"
Previous message: patchwork-bot+netdevbpf: "Re: [PATCH net] l2tp: use refcount_inc_not_zero in l2tp_session_get_by_ifname"
In reply to: Greg KH: "Re: [PATCH v2] dlm: fix buffer overflow from negative len in dlm_search_rsb_tree"
Next in thread: Alexander Aring: "Re: [PATCH v2] dlm: fix buffer overflow from negative len in dlm_search_rsb_tree"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Joseph Qi

Date: Tue May 26 2026 - 21:02:20 EST

On 5/26/26 9:58 PM, Alexander Aring wrote:
> Hi,
>
> On Mon, May 25, 2026 at 1:39 PM Alexander Aring <aahringo@xxxxxxxxxx> wrote:
>>
>> Hi,
>>
>> On Mon, May 25, 2026 at 10:27 AM Alexander Aring <aahringo@xxxxxxxxxx> wrote:
>>>
>>> Hi,
>>>
>>> On Sat, May 16, 2026 at 10:03 PM Joseph Qi <joseph.qi@xxxxxxxxxxxxxxxxx> wrote:
>>>>
>>>> commit 080e5563f878 only checks for len > DLM_RESNAME_MAXLEN, which does
>>>
>>> check with checkpath, it reports an error regarding how this commit
>>> reference is done.
>>>
>>
>> This also addresses CVE-2026-43125 [0].
>>
>> - Alex
>>
>> [0] https://lore.kernel.org/linux-cve-announce/2026050619-CVE-2026-43125-c9f9@gregkh/
>
> cc the right folks cve@xxxxxxxxxx as described in the kernel documentation.
>
> There is another patch required for CVE-2026-43125 [0].
>
> Joseph I think for v3 you should cc also cve@xxxxxxxxxx and mention
> this in your commit msg.
>

This is indeed found when I backport this CVE into our tree.
But I think it is a different case so I just send to upstream first.

Thanks,
Joseph