Re: CVE-2022-49444: module: fix [e_shstrndx].sh_size=0 OOB access

From: Brendan Jackman
Date: Mon Mar 17 2025 - 04:14:29 EST

Next message: Kunwu Chan: "[PATCH] rust: sync: optimize rust symbol generation for CondVar"
Previous message: Kirill A. Shutemov: "Re: [PATCH RFC] KVM: TDX: Defer guest memory removal to decrease shutdown time"
Next in thread: Greg KH: "Re: CVE-2022-49444: module: fix [e_shstrndx].sh_size=0 OOB access"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> It is trivial to craft a module to trigger OOB access in this line:

Requires loading a crafted module? I don't think there's any coherent threat
model where this is a vuln. Probably a CVE to revoke?

Unless there's some detail I'm not aware of, e.g. this bit of the module isn't
signed or something.

Cheers,
Brendan

Next message: Kunwu Chan: "[PATCH] rust: sync: optimize rust symbol generation for CondVar"
Previous message: Kirill A. Shutemov: "Re: [PATCH RFC] KVM: TDX: Defer guest memory removal to decrease shutdown time"
Next in thread: Greg KH: "Re: CVE-2022-49444: module: fix [e_shstrndx].sh_size=0 OOB access"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]