Re: CVE-2024-35941: net: skbuff: add overflow debug check to pull/push helpers
From: Greg Kroah-Hartman
Date: Tue Jun 04 2024 - 09:37:39 EST
On Tue, Jun 04, 2024 at 01:01:17PM +0200, Michal Hocko wrote:
> AFAICS this patch is not fixing any security bug. It adds debugging
> output and triggers a WARN_ON with CONFIG_DEBUG_NET (which could panic
> the system with panic_on_warn which has been broadly considered a CVE
> material by the kernel CVE team).
>
> Please drop this CVE.
Ick, I thought we had weeded that one out, sorry about that. Now
rejected.
greg k-h