Re: CVE-2024-35941: net: skbuff: add overflow debug check to pull/push helpers

From: Greg Kroah-Hartman
Date: Tue Jun 04 2024 - 09:37:39 EST

Next message: Kamil Horák - 2N: "[PATCH v4 0/3] net: phy: bcm5481x: add support for BroadR-Reach mode"
Previous message: joswang: "Re: [PATCH v2, 3/3] usb: dwc3: core: Workaround for CSR read timeout"
In reply to: Michal Hocko: "Re: CVE-2024-35941: net: skbuff: add overflow debug check to pull/push helpers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jun 04, 2024 at 01:01:17PM +0200, Michal Hocko wrote:
> AFAICS this patch is not fixing any security bug. It adds debugging
> output and triggers a WARN_ON with CONFIG_DEBUG_NET (which could panic
> the system with panic_on_warn which has been broadly considered a CVE
> material by the kernel CVE team).
>
> Please drop this CVE.

Ick, I thought we had weeded that one out, sorry about that. Now
rejected.

greg k-h

Next message: Kamil Horák - 2N: "[PATCH v4 0/3] net: phy: bcm5481x: add support for BroadR-Reach mode"
Previous message: joswang: "Re: [PATCH v2, 3/3] usb: dwc3: core: Workaround for CSR read timeout"
In reply to: Michal Hocko: "Re: CVE-2024-35941: net: skbuff: add overflow debug check to pull/push helpers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]