* Backport of 67c37756898a ("tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc") to older stable series? (at least 6.1.y)
@ 2024-04-10 19:02 Salvatore Bonaccorso
2024-04-10 19:09 ` Greg Kroah-Hartman
0 siblings, 1 reply; 2+ messages in thread
From: Salvatore Bonaccorso @ 2024-04-10 19:02 UTC (permalink / raw)
To: stable; +Cc: Greg Kroah-Hartman, Sasha Levin, Thadeu Lima de Souza Cascardo
Hi Greg, Sasha, Thadeu,
Today there was mentioning of
https://www.jmpeax.dev/The-tale-of-a-GSM-Kernel-LPE.html
a LPE from the n_gsm module. I do realize, Thadeu mentioned the
possible attack surface already back in
https://lore.kernel.org/all/ZMuRoDbMcQrsCs3m@quatroqueijos.cascardo.eti.br/#t
Published exploits are referenced as well through the potential
initial finder in https://github.com/YuriiCrimson/ExploitGSM .
While 67c37756898a ("tty: n_gsm: require CAP_NET_ADMIN to attach
N_GSM0710 ldisc") is not the fix itself, it helps mitigating against
this issue.
Thus can you consider applying this still to the stable series as
needed? I think it should go at least back to 5.15.y but if
Iunderstood Thadeu correctly then even further back to the still
supported stable branches.
What do you think?
Regards,
Salvatore
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: Backport of 67c37756898a ("tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc") to older stable series? (at least 6.1.y)
2024-04-10 19:02 Backport of 67c37756898a ("tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc") to older stable series? (at least 6.1.y) Salvatore Bonaccorso
@ 2024-04-10 19:09 ` Greg Kroah-Hartman
0 siblings, 0 replies; 2+ messages in thread
From: Greg Kroah-Hartman @ 2024-04-10 19:09 UTC (permalink / raw)
To: Salvatore Bonaccorso; +Cc: stable, Sasha Levin, Thadeu Lima de Souza Cascardo
On Wed, Apr 10, 2024 at 09:02:50PM +0200, Salvatore Bonaccorso wrote:
> Hi Greg, Sasha, Thadeu,
>
> Today there was mentioning of
>
> https://www.jmpeax.dev/The-tale-of-a-GSM-Kernel-LPE.html
>
> a LPE from the n_gsm module. I do realize, Thadeu mentioned the
> possible attack surface already back in
>
> https://lore.kernel.org/all/ZMuRoDbMcQrsCs3m@quatroqueijos.cascardo.eti.br/#t
>
> Published exploits are referenced as well through the potential
> initial finder in https://github.com/YuriiCrimson/ExploitGSM .
>
> While 67c37756898a ("tty: n_gsm: require CAP_NET_ADMIN to attach
> N_GSM0710 ldisc") is not the fix itself, it helps mitigating against
> this issue.
>
> Thus can you consider applying this still to the stable series as
> needed? I think it should go at least back to 5.15.y but if
> Iunderstood Thadeu correctly then even further back to the still
> supported stable branches.
>
> What do you think?
Sure, I'll queue it up. I think the "real" bugs there are already
resolved in the various older kernel trees, but adding this is "defense
in depth" and makes sense.
thanks,
greg k-h
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2024-04-10 19:09 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-04-10 19:02 Backport of 67c37756898a ("tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc") to older stable series? (at least 6.1.y) Salvatore Bonaccorso
2024-04-10 19:09 ` Greg Kroah-Hartman
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).