From: Mark Salyzyn <salyzyn@android.com>
To: "Schmauss, Erik" <erik.schmauss@intel.com>,
Greg KH <gregkh@linuxfoundation.org>
Cc: "Moore, Robert" <robert.moore@intel.com>,
stable <stable@vger.kernel.org>,
Seunghun Han <kkamagui@gmail.com>,
"Wysocki, Rafael J" <rafael.j.wysocki@intel.com>,
kernel-team <kernel-team@android.com>
Subject: Re: ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c
Date: Tue, 15 May 2018 13:42:26 -0700 [thread overview]
Message-ID: <2f9345ae-9b20-0a8f-f63c-36967a684e30@android.com> (raw)
In-Reply-To: <CF6A88132359CE47947DB4C6E1709ED539DDF3E8@ORSMSX110.amr.corp.intel.com>
On 05/15/2018 10:36 AM, Schmauss, Erik wrote:
>>>> But I'm going to push back on this. The kernel security team said
>>>> something like "this is crazy, if you control ACPI tables you have
>>>> bigger problems" when this bug was reported and told the developer
>>>> to just submit this as a normal code cleanup.
>>>>
>>>> Granting this a CVE was, in my opinion, a total mistake as well.
>>>> This doesn't fix any "real" problem that anyone can hit in the wild
>>>> from what I can tell. And again, if you can modify ACPI tables,
>>>> there are much bigger problems you can cause on the hardware.
>>> Agreed. Could we somehow close this CVE?
>> Please do, you can submit a request for it to be rejected on the main CVE site
>> somewhere. I've done it once in the past.
> Ok. I'll do this.
Thanks!
Please do the same for CVE-2017-13694 (not in Linus' tree) as well as
this one CVE-2017-13695 (in Linus' tree) as they are both associated
with crafted ACPI tables.
I am rescinding my request to have these in stable for security concerns.
> If the AML is correct, it's fine. Almost all OEMs use ASL compilers like iASL to ensure
> correctness of ASL/AML.
That probably is enough to push back on stable, really an academic
defence in depth measure.
>
> This patch might be nice to have for when users wish to alter their ACPI tables by hand
> and those altered ACPI tables cause this memory leak. If you wish to account for
> memory leaks that result from these hand-crafted AML files, then you should add this
> patch. Otherwise, it's not necessary.
Linus' tree has this, should deal with those advanced developers/users
that wish to alter their ACPI tables by hand? The leak is probably a
smaller issue than what can happen if someone decides to adjust them by
hand ;-}
-- Mark
prev parent reply other threads:[~2018-05-15 20:42 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-09 21:30 ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c Mark Salyzyn
2018-05-10 6:55 ` Greg KH
2018-05-10 18:45 ` Schmauss, Erik
2018-05-11 5:23 ` Greg KH
2018-05-15 17:36 ` Schmauss, Erik
2018-05-15 20:42 ` Mark Salyzyn [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2f9345ae-9b20-0a8f-f63c-36967a684e30@android.com \
--to=salyzyn@android.com \
--cc=erik.schmauss@intel.com \
--cc=gregkh@linuxfoundation.org \
--cc=kernel-team@android.com \
--cc=kkamagui@gmail.com \
--cc=rafael.j.wysocki@intel.com \
--cc=robert.moore@intel.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.