:: Re: [DNG] A Devuan kernel?
Author: Alessandro Selli
Date:  
To: dng
Subject: Re: [DNG] A Devuan kernel?
On Wed, 18 Jul 2018 at 05:02:06 +0200
Alessandro Selli <alessandroselli@???> wrote:

> On Wed, 18 Jul 2018 at 03:21:14 +0200
> Adam Borowski <kilobyte@???> wrote:
>
>> On Tue, Jul 17, 2018 at 05:24:11PM -0700, Rick Moen wrote:
>>> Quoting Adam Borowski (kilobyte@???):
>>>
>>>> Then there are local exploits.  Ted Ts'o for example keeps fuzzing
>>>> ext4 for years yet exploitable bugs still pop up frequently -- usually
>>>> just DoS but arbitrary code execution isn't unheard of.
>>>
>>> I've read a lot of e2fsprogs CVEs, and cannot recall any ever having
>>> been _proved exploitable_ to allow arbitrary code execution.  In a
>>> number of cases, there have been bugs, generally buffer overflows, that
>>> in theory could _possibly_ lead to arbitrary code execution that in
>>> theory might exploit privileged code such as e2fsprogs mount code, thus
>>> in theory possibly supporting privilege escalation.
>>
>> I'm talking about kernel not progs, and those don't get issued CVEs.
>
> A 5 secs search for "linux kernel CVE" disagrees with you:
> https://www.cvedetails.com/product/47/Linux-Linux-Kernel.html?vendor_id=33
>
> Why on Earth would a kernel vulnerability ever not be issued a CVE?


All right, on second reading I think I misunderstood you: you mean
e2fsprogs do not get CVEs.

Well, it's still wrong, a 5 secs search for "linux e2fsprogs CVE" disagrees
with you:

https://www.suse.com/security/cve/CVE-2015-1572/

    "Description
    Heap-based buffer overflow in closefs.c in the libext2fs library in
    e2fsprogs before 1.42.12 allows local users to execute arbitrary code
    by causing a crafted block group descriptor to be marked as dirty."



Regards,


Alessandro