Received: by 2002:ab2:69cc:0:b0:1fd:c486:4f03 with SMTP id n12csp346263lqp; Tue, 11 Jun 2024 06:29:20 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCVXSQMIAHImrs0fxD/CKRkgPAdD42mynFiphuQkMjroIRE+5hfZ2rmhCsrxkqaq/M+l6OKjfbO/9HjPTSgJxLZWSZPCcU4L+7Px59I6UQ== X-Google-Smtp-Source: AGHT+IEPKhbGjQ/jKVj0ShBtNoDFV7a0YaMxpfoaFrMKkk8O/gK58ZpeWreKrcGcKDW1Cu+q1kp8 X-Received: by 2002:aa7:d78f:0:b0:57a:322c:b1a5 with SMTP id 4fb4d7f45d1cf-57c509798b5mr7743254a12.38.1718112559800; Tue, 11 Jun 2024 06:29:19 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1718112559; cv=pass; d=google.com; s=arc-20160816; b=UDaYMlEJmaR46dRcynEzQACqjg+98Awv2nGhNvVVRkf8Nav8ul8BHawfzaBvb39ckZ 3t3mK5A/exgQAsktjslKJENhIl4CVH0fPAzUBqXw7n1EZVrP+9dM5CRUm3XYtA6KMTLX KDt0fClLT+DF+zff2dhdn2a6o6q+l7CgfkrmJebERQ+TjikUNlzarm0uGoDdJ9gOK0k0 VbkNxakDQE27o8L2MSV/o+mMPpcZ8olJ6U8W4KGl+Zr/k6U9P/HGTVOKtVFngFNgtZwG nsqNu4JcInV37w2NZjvY0CM2MfXK5kQj7QLPwynJlZ9dn2hLW3rtSfO4k2fUHU/X1rrh ZL+A== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:list-unsubscribe:list-subscribe :list-id:precedence:dkim-signature; bh=aW3n7doC6ZX6y4RgjN/k3xHJVQKHygde7bq3KkIuBZA=; fh=j6Ct3QjYbj4jfc6YGmfurNSGu7MzCkxNg+fNAtFXxQg=; b=bnkyrkybz3UcE2KxcQViie9qmytHufBL429Ap8P9rT3o+WGrFdGO2XZTNsRnmgKTGL rq2wA4TjAGejWQIMXpexsMbQSadK9ihTEJkJHPiiCPCdRHCySOB81uL/tlVi6H44Z2r1 3h8fw70285lo+mka4IWltqE6GXhSmr0PNjkWm/QGrIG7fl29EaWpKq3ek3TBYZ7J01Uu YPpEolmZTHopVavjTWbI6Tp0fSHwDyV0u/9KEKMKCTjfHTGLyd0sSqaG3Dsx9VhB6NoO jkBwoCq7r6fgapg6KBigF24KGSRslJWkiNMdCkszOX5VefPnQy66vazwupVbper+GVqH /jCQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=rhOS1BFC; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-209952-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-209952-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id 4fb4d7f45d1cf-57c6f4de6b1si3509323a12.406.2024.06.11.06.29.19 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 11 Jun 2024 06:29:19 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-209952-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=rhOS1BFC; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-209952-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-209952-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 5E1691F24590 for ; Tue, 11 Jun 2024 13:29:19 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 77DD417D37B; Tue, 11 Jun 2024 13:28:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="rhOS1BFC" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9548A17CA03; Tue, 11 Jun 2024 13:28:49 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718112529; cv=none; b=iyNqyMCS+dIMQe63OqKzVgNtrOW9B1uhsvTT4u9NllQWKGdeP6Kn48g++n8HDdZbRIvqs4HU8+bLidWxvPrOPcCsFZLr0wwM8MI5A+yrwuDBioZgPQpO8WDfQpJxZyY98U5haluR+rbRg69n0W2bifnFUvlo9Va4scHXbmnoc10= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718112529; c=relaxed/simple; bh=ZEwkkTMQL/4fU2ogDD+72F11vuWnXpG/X2IJwXrbNJg=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=tm9p+5EtVHDN5cKOpnoEI5OiYBWGVeogYhgHfmPC5dKOePlFJzLK9c6BJhWNW/17BLOhi1xKmLjaBIqjHqDd0H6HRv/QlxAmO7m8pnFhaAf2Z7gxv7QBMG/LWNZDosk0FNIRKwdlavP6hpQKCUFG7XZlQCLLvKoS0jNLKzCiHeg= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=rhOS1BFC; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 263DFC32789; Tue, 11 Jun 2024 13:28:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1718112529; bh=ZEwkkTMQL/4fU2ogDD+72F11vuWnXpG/X2IJwXrbNJg=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=rhOS1BFCh7cbbhKz1ccVOKRvbXIq1FJmo/rVJft3QXoyzzZafE0gQjXqMCnQZIlOa 4eetBZ1P8FUq/5CvclReuRediHZV+9TmOSkAbGIm7uesi803Q9/6OWEhnWPLoZwWrq yJCm2A/4VnK8IolB2fSAvbxa6D87+QNvashqCXp2ifk+RA9qHpr8r0BG+unY7wo/iS i3tQwiHDYjNjryXQXcWk5Bwjy479BwbaakUiw6OrPhScuGlpbja6QKH14Zr/73Ajii NJoDL9NwrosR7EtP1FcMnVX/ftSb0qYDdJxjTaqK6jIkPCbdILeU5/aSIW2/OOIXlk OpMCrVS8rSVZg== Received: by mail-oo1-f44.google.com with SMTP id 006d021491bc7-5b96a95c5e8so3038732eaf.3; Tue, 11 Jun 2024 06:28:49 -0700 (PDT) X-Forwarded-Encrypted: i=1; AJvYcCXfjOwzOaSUDFkO4T20G8AWrTsHt1OjyQbdi/2RyT+69TZdAziDqOAjvaXBJlx+gEoABT6ZCMGnWRUAYylx4VbP5FzzCM/PJIlSTsKd6J4WHqbpQzke/rBb4gcH7f7TD00eVZsmAio/CfobNO7/OZE0 X-Gm-Message-State: AOJu0YyRDmTAwI4/DIEVvTwQFFpcTdzKA7UE9/Wa3jbudtlTKLLkcUPx iH2KF+I7354SjwWpDLQapq3WlT3HqocbFrpEJuOF5JZ1mMzdz2JQZ50H7aI0ftKEHGqOhrhiXrJ 6uFE1J7y9Jy3ZK5NdlCo8a080fb4= X-Received: by 2002:a05:6820:168e:b0:5bb:672:404d with SMTP id 006d021491bc7-5bb067242a8mr5150419eaf.7.1718112528431; Tue, 11 Jun 2024 06:28:48 -0700 (PDT) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <2024051727-CVE-2023-52666-802b@gregkh> <85948141-5eae-bb3d-cb39-62fc6ddfe476@huawei.com> In-Reply-To: <85948141-5eae-bb3d-cb39-62fc6ddfe476@huawei.com> From: Namjae Jeon Date: Tue, 11 Jun 2024 22:28:36 +0900 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: CVE-2023-52666: ksmbd: fix potential circular locking issue in smb2_set_ea() To: Wang Zhaolong Cc: cve@kernel.org, linux-kernel@vger.kernel.org, linux-cve-announce@vger.kernel.org, Greg Kroah-Hartman Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable 2024=EB=85=84 6=EC=9B=94 11=EC=9D=BC (=ED=99=94) =EC=98=A4=ED=9B=84 8:30, W= ang Zhaolong =EB=8B=98=EC=9D=B4 =EC=9E=91=EC=84= =B1: > > > > > > The Linux kernel CVE team recommends that you update to the latest > > stable kernel version for this, and many other bugfixes. Individual > > changes are never tested alone, but rather are part of a larger kernel > > release. Cherry-picking individual commits is not recommended or > > supported by the Linux kernel community at all. If however, updating t= o > > the latest release is impossible, the individual changes to resolve thi= s > > issue can be found at these commits: > > https://git.kernel.org/stable/c/5349fd419e4f685d609c85b781f2b70f0= fb14848 > > https://git.kernel.org/stable/c/e61fc656ceeaec65f19a92f0ffbeb562b= 7941e8d > > https://git.kernel.org/stable/c/e9ec6665de8f706b4f4133b87b2bd02a1= 59ec57b > > https://git.kernel.org/stable/c/ecfd93955994ecc2a1308f5ee4bd90c7f= ca9a8c6 > > https://git.kernel.org/stable/c/6fc0a265e1b932e5e97a038f99e29400a= 93baad0 > > Hello. > > Is this a valid CVE patch? > > I noticed that the introduced `get_write` is not being used within the > function, and there are no follow-up patches addressing this. My bad, I'll update this. Thank you for your review. > > Best regards, > > Wang Zhaolong >