
List:       oss-security
Subject:    Re: [oss-security] Linux Kernel: Missing access_ok() checks in IOCTL function (gpu/drm/i915 Driver)
From:       Yves-Alexis Perez <corsac () debian ! org>
Date:       2019-01-24 9:30:28
Message-ID: e04349fc26ad12ba9a8d3b74848b42c88bba5dc3.camel () debian ! org

On Wed, 2019-01-23 at 14:28 -0600, Timothy Michaud wrote:
> NOTE: I have requested a CVE identifier, and I'm sending this message, to
> make tracking of the fix easier; however, to avoid missing security fixes
> without CVE identifiers, you should *NOT* be cherry-picking a specific
> patch in response to a notification about a kernel security bug.
> 
> Due to a lack of "access_ok()" checks in i915_gem_execbuffer2_ioctl[1], it
> is possible to escalate privileges similar to the waitid vulnerability[2]

Hi, thanks for the report.

The patch doesn't seem CC: stable, could you give us a status on the various
stable releases?

Regards,
- -- 
Yves-Alexis