From: Ben Hutchings <ben@decadent.org.uk>
To: kernel-hardening@lists.openwall.com, linux-kernel@vger.kernel.org
Subject: Re: [kernel-hardening] 2015 kernel CVEs
Date: Tue, 19 Jan 2016 16:32:08 +0000 [thread overview]
Message-ID: <1453221128.3734.26.camel@decadent.org.uk> (raw)
In-Reply-To: <20160119112812.GA10818@mwanda>
[-- Attachment #1: Type: text/plain, Size: 2358 bytes --]
On Tue, 2016-01-19 at 14:28 +0300, Dan Carpenter wrote:
> I like to look back over old CVEs to see how we could do better. Here
> is the list from 2015. I got most of this information from the Ubuntu
> CVE tracker. Thanks Ubuntu!. If it doesn't have a hash that means it
> might not be fixed yet.
[...]
> CVE-2013-2015 0e9a9a1ad619: ext4: hang during mount
[...]
That's not *from* 2015.
You missed a few recent ones:
CVE-2015-7566 : Crash on invalid USB device descriptors in visor driver
CVE-2015-8550 54d5d882c7e4, 0f589967a73f, 68a33bfd8403, 1f13d75ccb80, 18779149101c, be69746ec12f, 8135cf8b0927: paravirtualized drivers incautious about shared memory contents
CVE-2015-8551 56441f3c8e5b, 5e0ce1455c09, a396f3a210c3, 7cfb905b9638, 408fb0e5aa7f: Linux pciback missing sanity checks leading to crash
CVE-2015-8552 56441f3c8e5b, 5e0ce1455c09, a396f3a210c3, 7cfb905b9638, 408fb0e5aa7f: Linux pciback missing sanity checks leading to crash
(There's some subtle distinction between the last two.)
[...]
> There was only a coupls CVEs that looks like they came from a filesystem
> fuzzer where you create a corrupt filesystems and then try use them.
> There was only one that might have come from a USB fuzzer. We probably
> should be testing those things better.
I think that hardening filesystems is a losing battle. We can fuzz
with and protect against invalid static filesystem images, but the full
problem includes malicious removable storage devices that can exploit
TOCTTOU issues. We should probably be encouraging distributions to
mount removable devices using FUSE and to run the filesystem code with
minimal privileges.
As for USB descriptors, I'm somewhat more hopeful about hardening. At
the same time, it seems like it should be practical to put more low-
performance USB drivers into userspace.
[...]
> A lot of the bugs are just really complicated things with funny corner
> cases, namespace issues or people just made mistake in the logic and
> it's hard to do anything about it.
We can add chicken bits so that admins who don't need certain features
can turn them off (or, inversely, those who do need them will need to
turn them on).
Ben.
--
Ben Hutchings
Horngren's Observation:
Among economists, the real world is often a special case.
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 811 bytes --]
next prev parent reply other threads:[~2016-01-19 16:32 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-19 11:28 2015 kernel CVEs Dan Carpenter
2016-01-19 11:28 ` [kernel-hardening] " Dan Carpenter
2016-01-19 11:49 ` Hanno Böck
2016-01-19 15:49 ` Quentin Casasnovas
2016-01-20 11:19 ` Hanno Böck
2016-01-20 14:15 ` Wade Mealing
2016-01-20 17:48 ` Hanno Böck
2016-01-19 13:13 ` Wade Mealing
2016-01-19 14:56 ` One Thousand Gnomes
2016-01-19 14:56 ` [kernel-hardening] " One Thousand Gnomes
2016-01-19 16:32 ` Ben Hutchings [this message]
2016-01-19 17:54 ` [kernel-hardening] " Greg KH
2016-01-20 17:05 ` Ben Hutchings
2016-01-20 18:04 ` Greg KH
2016-01-21 15:18 ` Jiri Kosina
2016-01-21 18:46 ` Ben Hutchings
2016-01-19 16:57 ` Peter Hurley
2016-01-19 16:57 ` [kernel-hardening] " Peter Hurley
2016-01-19 17:00 ` Josh Boyer
2016-01-19 17:00 ` [kernel-hardening] " Josh Boyer
2016-01-19 17:51 ` Greg KH
2016-01-19 17:51 ` [kernel-hardening] " Greg KH
2016-01-20 7:12 ` Marcus Meissner
2016-01-19 17:57 ` [kernel-hardening] " Theodore Ts'o
2016-01-19 18:00 ` Al Viro
2016-01-19 18:00 ` [kernel-hardening] " Al Viro
2016-01-19 22:41 ` Eric W. Biederman
2016-01-19 22:47 ` [kernel-hardening] " Eric W. Biederman
2016-01-20 20:11 ` Jann Horn
2016-01-20 21:26 ` One Thousand Gnomes
2016-01-19 23:35 ` Kees Cook
2016-01-19 23:35 ` Kees Cook
2016-01-20 9:57 ` Miroslav Benes
2016-01-20 9:57 ` [kernel-hardening] " Miroslav Benes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1453221128.3734.26.camel@decadent.org.uk \
--to=ben@decadent.org.uk \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.