Received: by 2002:a05:6500:1b8f:b0:1fa:5c73:8e2d with SMTP id df15csp1077102lqb;
        Wed, 29 May 2024 22:19:04 -0700 (PDT)
X-Forwarded-Encrypted: i=3; AJvYcCWkMaLgmyy57WZAG5S6TfUc1h58dsYowyEKdpWXVSZJcQo2vzsgVSqwyVartqv1ijKTzCXWsiDXvJ5n8PgGq+xzkMkGx5Qz76qGbuqBsA==
X-Google-Smtp-Source: AGHT+IElAaUoku1FFYX155+DkVMT8HDgGSKHhfjj0BDUKXbimunnKBqwdU9UIbe0BDKma8mNlEhM
X-Received: by 2002:a05:6214:3c8f:b0:6ad:9da5:1838 with SMTP id 6a1803df08f44-6ae0cb2c6aamr15525916d6.25.1717046344315;
        Wed, 29 May 2024 22:19:04 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1717046344; cv=pass;
        d=google.com; s=arc-20160816;
        b=MCOzJ6D+SC8G4Cde/uSk5ICnECS59Rug46GLE0syQ1HxHXk3HajEJRBdzVtcj8TG+u
         Dx6TTnwVTA5BqTrNI4U6fS1F/wuQVYX3u6sVYdat3C0cwyww/7Sr8AnFvCxEq/UQTO3G
         GY076SmIJ/rvx2lhYSFTqEbisvjlTU6965O0/33Gpar+44DMnIPhKylxT3q9ncXbnUfe
         CeOvH3S8zUpPXDXfIPYgGzvp5rZPrUflEWwJFN2RXySDdvyisBltImbSDzpaqK73wkti
         7poaeg0oDnolAQqKRcjIs8fNL1aaOlJ6kPJdGR3y1Ybc/6Vri2fYL0pleHoRZ7TgOfwr
         t6ww==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=in-reply-to:content-disposition:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:references:message-id:subject:cc
         :to:from:date:dkim-signature;
        bh=s0knTaF13YlLamob1CWUvpFutALY+jUFXwTi1BJjG30=;
        fh=BYMswpOSJaXYobBYRPh/5zwDdgjZcdMK5evW/lhxILI=;
        b=ed/ARqbkX/GaVVSZ7vZ0QhRpzBuximTnOMSAKVxB3D3UVXXKvuMuEIWNFC+LyNNz/W
         dYGGwAAzfA83Tzu/BA0x+Ss0lMVWX6/gv8wlDtJqzMk2uY2NaLnc9W6vLt1m187SxVCW
         b+PcxISFFcT75Xy5kzGAgiMgbDR9HKe32JwtWzuvtKOfw6XZZt1maGB/ct3r+kT6tI8j
         CJe8vEfehoRkiQPw/XiLIDNvbFuHTLhaSJ63sUDoM25aoiBHgV0qk1BK23YOVLcZmNrQ
         /hD/OcZbyFESmNuHr0FK0iNCglkIHdagsHtYNn2v6wM1lj3XyVjBB3svTEA1dUSJPn6w
         ty/A==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=miPpxzI4;
       arc=pass (i=1 dkim=pass dkdomain=linuxfoundation.org);
       spf=pass (google.com: domain of linux-kernel+bounces-194944-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-194944-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Return-Path: <linux-kernel+bounces-194944-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1])
        by mx.google.com with ESMTPS id 6a1803df08f44-6ac070f110esi115426246d6.218.2024.05.29.22.19.04
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 29 May 2024 22:19:04 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-194944-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=miPpxzI4;
       arc=pass (i=1 dkim=pass dkdomain=linuxfoundation.org);
       spf=pass (google.com: domain of linux-kernel+bounces-194944-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-194944-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by ny.mirrors.kernel.org (Postfix) with ESMTPS id 0E5E71C20FF9
	for <linux.lists.archive@gmail.com>; Thu, 30 May 2024 05:19:04 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id F09AC143C49;
	Thu, 30 May 2024 05:18:58 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b="miPpxzI4"
Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0AFBB21A19;
	Thu, 30 May 2024 05:18:57 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1717046338; cv=none; b=hmS2dMkFbK4nd6qjyxseaqe86CPJOHu2PCB1ToSa6NwACova+KvYdctPzG1Fd7ycFle03EvcGRs+mDZtIo0x+MxmVwwztSutuvQUFrJUaxYHI4ucEHIBmmtUW0q4SD8xJ1DTLFP85Aj9OL41TK40ncBt9Xl31T+TfzmYpRWcDZ0=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1717046338; c=relaxed/simple;
	bh=pB/96JTuRoro7LJvuDUAX1gz1MMHuzk0wvh4zz3qcYY=;
	h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version:
	 Content-Type:Content-Disposition:In-Reply-To; b=ayaDVTCvxTyqIgZOb7LGZB3PSHdPz4oSBwKpeJnlaevLb0lJuA4VK0fsKDqYAZSX5bsGPoj5V56/vl3hJK91zJFBQQutLTRlo7ON6bzm8BrJ+egwrI5HKEfcxejMjQTBWF/pHyA0REp3hLuJTxOLN/8gRfWvfVsEjSOOT8Ltvu8=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b=miPpxzI4; arc=none smtp.client-ip=10.30.226.201
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 1AC56C2BBFC;
	Thu, 30 May 2024 05:18:56 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org;
	s=korg; t=1717046337;
	bh=pB/96JTuRoro7LJvuDUAX1gz1MMHuzk0wvh4zz3qcYY=;
	h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
	b=miPpxzI4OTYb1l3r1n90qJsxQVL+atcvaro2og/zgPEzy4uEfNng1Rwqx3ZfRf/ny
	 LwtTWMX99mHCz/L85on2LtNJPS6fAj2E7HkXgDiOudZN/RoG5DhIleC4+hw03ofWYA
	 q0GoJksCAdGY4VdJziGDG0geh3X/WTcBecxxQUzQ=
Date: Thu, 30 May 2024 07:19:02 +0200
From: "gregkh@linuxfoundation.org" <gregkh@linuxfoundation.org>
To: Kuzey Arda Bulut <kuzeyb.business@gmail.com>
Cc: security@kernel.org, jirislaby@kernel.org, linux-kernel@vger.kernel.org,
	linux-serial@vger.kernel.org
Subject: Re: Subject: [SECURITY] Vulnerability in Linux Kernel
Message-ID: <2024053036-villain-backlight-d92b@gregkh>
References: <CAKmisHAUUqQ-7F+7BOymY7_3XBT1FE=gskraKDC1OmySZgS0yA@mail.gmail.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAKmisHAUUqQ-7F+7BOymY7_3XBT1FE=gskraKDC1OmySZgS0yA@mail.gmail.com>

On Wed, May 29, 2024 at 08:25:18PM +0300, Kuzey Arda Bulut wrote:
> Dear Linux Kernel Security Team,
> 
> I have discovered a null-ptr-deref security vulnerability in tty driver in
> the Linux kernel. You can find the detailed descriptions of the
> vulnerability in report.md.
> 
> If you have any questions or need further information, please do not
> hesitate to contact me.

As the n_gsm is full of known issues by the developers, and the ldisc is
not allowed to be loaded by a non-root user, this isn't all that serious
of an issue.  See this thread for a list of problems that I think you
might have already found here:
	https://lore.kernel.org/r/DB9PR10MB5881D2170678C169FB42A423E0082@DB9PR10MB5881.EURPRD10.PROD.OUTLOOK.COM

Note, 2 fixes have landed in 6.10-rc2 for this driver, can you verify if
these fix the issue you are reporting here?

And do you have a proposed fix for this issue?

thanks,

greg k-h