Re: Bug: use-after-free in udf_statfs in fs/udf/super.c:2415

From: Kun Hu
Date: Tue Jan 07 2025 - 08:15:49 EST



> So this is about your threat model. Writing to the device while a filesystem
> is mounted there is corrupting its cached state - i.e., it is effectively
> equivalent to corrupting memory. Generally only the system administrator can do
> this and hence there is not any security vulnerability because the system
> administrator has better means of compromising the machine.
>
> That being said there are locked down configurations where even root is not
> expected to be able to get full control of the kernel but then you must
> have this properly configured and disabling CONFIG_BLK_DEV_WRITE_MOUNTED is
> one of the things you should do in such a case.
>
> Honza
> --
> Jan Kara <jack@xxxxxxxx>
> SUSE Labs, CR


Learning a lot, thanks a lot!

———
thanks,
Kun Hu
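
Added example, not part of the original messages or of any kernel code: a shell check for the hardening setting named in the quoted reply, deciding from a kernel config and a boot command line whether writes to a mounted block device are permitted. The function name and sample inputs are constructed for illustration; the handling of the `bdev_allow_write_mounted=` boot parameter (kernel-style boolean values, last valid occurrence wins) is an assumption about how the kernel parses it.

```shell
#!/bin/sh
# write_mounted_state CONFIG_TEXT CMDLINE -> prints "allowed" or "blocked"
# Inputs are passed as text so the check also works on a saved config.
# The body runs in a subshell so "set -f" does not leak to the caller.
write_mounted_state() (
    set -f                      # no globbing when splitting the cmdline
    config_text=$1
    cmdline=$2

    # Build-time default: only an explicit "is not set" blocks writes.
    # "=y" permits them; a missing symbol is treated as a kernel without
    # the option (assumption), which also permits them.
    if printf '%s\n' "$config_text" |
        grep -q '^# CONFIG_BLK_DEV_WRITE_MOUNTED is not set$'; then
        state=blocked
    else
        state=allowed
    fi

    # Boot-time override: a valid boolean replaces the build-time default,
    # an unparsable value leaves the current state untouched.
    for arg in $cmdline; do
        case $arg in
            bdev_allow_write_mounted=[yYtT1]*|bdev_allow_write_mounted=[oO][nN]*)
                state=allowed ;;
            bdev_allow_write_mounted=[nNfF0]*|bdev_allow_write_mounted=[oO][fF]*)
                state=blocked ;;
        esac
    done
    printf '%s\n' "$state"
)

# Constructed sample inputs (not taken from a real machine).
SAMPLE_LOCKED='CONFIG_BLOCK=y
# CONFIG_BLK_DEV_WRITE_MOUNTED is not set'
SAMPLE_DEFAULT='CONFIG_BLOCK=y
CONFIG_BLK_DEV_WRITE_MOUNTED=y'
SAMPLE_CMD_PLAIN='root=/dev/sda1 ro quiet'
SAMPLE_CMD_REOPEN='root=/dev/sda1 ro bdev_allow_write_mounted=1'

echo "locked config, plain cmdline:  $(write_mounted_state "$SAMPLE_LOCKED" "$SAMPLE_CMD_PLAIN")"
echo "locked config, override:       $(write_mounted_state "$SAMPLE_LOCKED" "$SAMPLE_CMD_REOPEN")"
echo "default config, plain cmdline: $(write_mounted_state "$SAMPLE_DEFAULT" "$SAMPLE_CMD_PLAIN")"
```

On a live system, pass the contents of the running kernel's config file and of `/proc/cmdline`. The second sample is the case to watch for in a locked-down build: the boot parameter re-enables the writes that the build-time setting turned off.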