Received: by 2002:a89:2c3:0:b0:1ed:23cc:44d1 with SMTP id d3csp714916lqs; Tue, 5 Mar 2024 14:25:25 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCUTLBrKBIgzRaecZnr9kZubBpAvJ9Jdo6H2Xda6UagJSNgiDFuQQzaRMRsbNo1D6Sf5tSNTuIycpTvIpxUZlzPxVbxFJBpiWDtloBWCjA== X-Google-Smtp-Source: AGHT+IH4d3aIpGlwRo0L7PDKkZP5XdMoR2L8i743VFBJEF/Z/fwbswr+ONF6e+Q88LeZJ+hNyrxT X-Received: by 2002:a17:906:3b59:b0:a45:82cc:c1db with SMTP id h25-20020a1709063b5900b00a4582ccc1dbmr3210498ejf.9.1709677524920; Tue, 05 Mar 2024 14:25:24 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1709677524; cv=pass; d=google.com; s=arc-20160816; b=gQFXnmIUcKIWi1wp7F+5ZBhsQCTzaX3kfn8Oyp4KkrR4B9kjquKOMmBXbllexEPee5 wTsPsDxrF7ymzdS8mDk1x7dcZg790u3OpsCuW7tqEBfI1gnY1CfI5H7shWrZYjEEhAPK wKKkyVFNgDtNw1bofwJ2U2wYpvFara73viVm1cc7nq4gMSAf4tQVI576789NZZVA54WA dO0BmcGs+cOnL3mPtS0g6uqjKu31CpHj2+4SfosdVfsccn07U/kAbuvitixfbTbYB0Qv 9BEw+zJH/Nge8mC8rW/KKxCiIQmTSlvWIfE0yK2potQxr/fKG/AcYx+iYUEz9cWeurao x1xQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=412SFQen36iM550LRpr7QCXqTh/++S8U3X8v+P01rhk=; fh=3ynnNE0lEkjBsJ5xbg51H0hQnqZ5DhcMGpaBecNZL6M=; b=KU4X59834OqHIsK3mxUm2W2UcVknwzShMCBlew6C8r6FrxRugzXr9bXwfcAPaqnT7c x4dWDeqkEo70jZjS2j9I+N19RRwTf/R6QkhvlQDJ4BtQioSKC/CokiYT8Ph2LUmwZrvV r5Pf4b7kI5YmXdRQ+UCPjDDXseTxnKQIxzrCt6jsAFhIdAmp5All0EDpN21XdDzvf6vV VAJx9/TO6SHmbweGQPT/lKahazIQrZ9Fy8PhoyuBJpJk2hqVHVgJ/7c6HQxCFsSNMlnw 9fn1W9UXnTeow8m+z+vk13tnBJ1tPw0RCpJCoBDbMt1KSg5eZwE/dzoNdWA8kDjlmHJJ gOVw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=Gemf1XjK; arc=pass (i=1 dkim=pass dkdomain=linuxfoundation.org); spf=pass (google.com: domain of linux-kernel+bounces-93054-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-93054-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id w25-20020a17090633d900b00a4415425216si963499eja.783.2024.03.05.14.25.24 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 05 Mar 2024 14:25:24 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-93054-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=Gemf1XjK; arc=pass (i=1 dkim=pass dkdomain=linuxfoundation.org); spf=pass (google.com: domain of linux-kernel+bounces-93054-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-93054-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id A195B1F25202 for ; Tue, 5 Mar 2024 22:25:24 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 4D4E512D1F7; Tue, 5 Mar 2024 22:25:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b="Gemf1XjK" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 77DE018E29 for ; Tue, 5 Mar 2024 22:25:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709677515; cv=none; b=BkumshUfasn1QR/OVpx6MExHqBjEod3Kk6mjueJyaUGikZ9/XgC2ia4ABWhGovyLR35oT0seRLPiTr7UBG1pVdZHdGTHlmgj8N2gV6lrskfYaD/A6vTcSu84uoZstTCVH5it9HgUf0b4Ujsahr2kcLHfn5WN4icFZ0XQCjDJ4s0= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709677515; c=relaxed/simple; bh=Ep1JmQKGaGwRYwPkX5qkhsSyqWOpGbHUlzLHbGcoox0=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=QcYvaLxTZlkuy+5/yrk78tMv/EKe5YfN5ZVeWzouhbnEfeVQOyC1cPSXqmKj+CtqOeUdmwpxl3yR7jpTbyVoDs9caXLLbpoOxR9V6cybrMWzMJHE9AB8rO39HN6olxpTymcRwZSJRK2RU7gJDyETmeX8vHPgrbx5CJ1lUW+P5Sk= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b=Gemf1XjK; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id D77DFC433C7; Tue, 5 Mar 2024 22:25:14 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1709677515; bh=Ep1JmQKGaGwRYwPkX5qkhsSyqWOpGbHUlzLHbGcoox0=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=Gemf1XjKwbKz+W05RL044F37GGXRGcmhBsGtXzworfc/Di/FUoj0n6CbNPbAhxKiA 07clvOZ4hASsMPtCdS8Vmr++H9xgE4g8OlmNvjAaqS+ca6bo5W/Ly3Pf/7cRPP7d0y DUrEMY9W5LMBCC9QoBfSR0iEhMRUQjPmaU8ONSto= Date: Tue, 5 Mar 2024 22:25:11 +0000 From: Greg Kroah-Hartman To: Michal Hocko Cc: cve@kernel.org, linux-kernel@vger.kernel.org Subject: Re: CVE-2023-52560: mm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions() Message-ID: <2024030527-sinless-platter-510a@gregkh> References: <2024030252-CVE-2023-52560-c3de@gregkh> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: On Tue, Mar 05, 2024 at 05:51:11PM +0100, Michal Hocko wrote: > On Sat 02-03-24 22:59:54, Greg KH wrote: > > Description > > =========== > > > > In the Linux kernel, the following vulnerability has been resolved: > > > > mm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions() > > > > When CONFIG_DAMON_VADDR_KUNIT_TEST=y and making CONFIG_DEBUG_KMEMLEAK=y > > and CONFIG_DEBUG_KMEMLEAK_AUTO_SCAN=y, the below memory leak is detected. > > This is a kunit test case AFAICS. Is this really a CVE material? People run kunit tests on real systems (again, we do not dictate use cases.) So yes, fixing a memory leak that can be triggered is resolving a weakness and so should get a CVE I would think, right? thanks, greg k-h