Re: CVE-2022-49444: module: fix [e_shstrndx].sh_size=0 OOB access

From: Greg KH
Date: Mon Mar 17 2025 - 09:48:13 EST

Next message: Peter Zijlstra: "Re: [RFC PATCH v15 5/7] sched: Add an initial sketch of the find_proxy_task() function"
Previous message: Eric W. Biederman: "[PATCH] MAINTAINERS: Remove myself"
In reply to: Brendan Jackman: "Re: CVE-2022-49444: module: fix [e_shstrndx].sh_size=0 OOB access"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Mar 17, 2025 at 08:14:16AM +0000, Brendan Jackman wrote:
> > It is trivial to craft a module to trigger OOB access in this line:
>
> Requires loading a crafted module? I don't think there's any coherent threat
> model where this is a vuln. Probably a CVE to revoke?

Look at the commit this is marked as fixing. It was a "feature"
introduced to properly harden elf sections in modules. So if you are
relying on that new thing, then yes, this is a vulnerability. If your
system does not, then your system is not vulnerable to this issue.

thanks,

greg k-h

Next message: Peter Zijlstra: "Re: [RFC PATCH v15 5/7] sched: Add an initial sketch of the find_proxy_task() function"
Previous message: Eric W. Biederman: "[PATCH] MAINTAINERS: Remove myself"
In reply to: Brendan Jackman: "Re: CVE-2022-49444: module: fix [e_shstrndx].sh_size=0 OOB access"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]