Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp4542617rwd; Tue, 30 May 2023 06:55:02 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ46ILgX+huBd42GJZBUS4i1rC/KTE83p2PcLzfjvmx9tIyObVpJu6GdJR4i5HYziv0c42p+ X-Received: by 2002:a17:902:8f94:b0:1b0:3ddb:d033 with SMTP id z20-20020a1709028f9400b001b03ddbd033mr2473275plo.29.1685454901998; Tue, 30 May 2023 06:55:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685454901; cv=none; d=google.com; s=arc-20160816; b=vhBtBGulr4f3z0AaZNNcbMhUxhA1FIjFSEtFE4rZhWmlnoydpTuxlT73YYVxYSTkfd nKmE/7se0bB5BjqM9V2UaQcC0HugWYZbd7tDb6tvHSjpmMHXFm0uEFs60I64V0rbtpWs QUniuJm96BbfhbDoJi1rSAU+Ao1hSq964a/K1GV8vRlqo0GXiYWv+4UXR9mqkycDpiC8 x5Lj5KElEqFecJP4iD2MgJXUVYdTbI7bywlJk7YCcDce8wqDA4XqrIO8sqZDzZUaGrOY HD4CZ8aIDGtctv45y+WpMjebToSuQjJzXeu1inrI/v/hv8OJq1koAgsn7cHcbE9QSyOw Qh9w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=yjqGDrlyFTrITVrdH1NMTtJPOVLUWoctPBqSMsWgWbU=; b=Yx0Z02QO10feTEnv/7Ww4O+S2qhGvadCtZEQmTy5ze70GzaSbShR7glwMwPZqJ9nxc YxLCoc+M9vMYKigDGQi1PB4Kz6B2UACRj1TveJkmrgPfz8MTmfueNVpl0/wMa7Ld9dVz fztLnZsoCepKM2dXhRh2aGM/EBn3swgnW0mNTK+Rx7B0nGnQn1mdKkTNAbt+oMdVFuFm WaY10VJfjRwLqKBdoXZgQop5TMzjo5REAeYW9MQyqS0gt85wQs1Q3tUA6isUtCbkys2s 5TMqx0LF3pKV2ZDFYhXSwJcE6vtezb6mGix6fXP4v283dtzkCSkuGvJS2Q3jTrMo+EHg H8Mw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=jVKnFkvJ; spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id u6-20020a170902e5c600b001a8102f5d7fsi12144069plf.504.2023.05.30.06.54.44; Tue, 30 May 2023 06:55:01 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=jVKnFkvJ; spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232769AbjE3NnA (ORCPT + 99 others); Tue, 30 May 2023 09:43:00 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60964 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232762AbjE3Nm7 (ORCPT ); Tue, 30 May 2023 09:42:59 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 10E35C5; Tue, 30 May 2023 06:42:59 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id A1DAC62EEC; Tue, 30 May 2023 13:42:58 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 8E9EDC433D2; Tue, 30 May 2023 13:42:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1685454178; bh=88twlvhBpz/dbRVQNZujTvpnfWesPLuIsK8tph8tdlg=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=jVKnFkvJq39Cvb+WW3ywNYWG9VAHM6Lwf/cJgsbIqABjC3ecepZZVvquVtHE2yO/j ysknKcnQx5aWgWvNEUzXbouSVaS+HSF+mmCyP/4W0rMnPif2GRs5UxLcQNezRzHdsv rwXYVapbMGdwgefrS0ormPmbxqx+xhfdg8kNX77U= Date: Tue, 30 May 2023 14:42:55 +0100 From: Greg KH To: Dragos-Marian Panait Cc: stable@vger.kernel.org, Ruihan Li , Marcel Holtmann , Luiz Augusto von Dentz , Johan Hedberg , Paolo Abeni , "David S . Miller" , Eric Dumazet , Jakub Kicinski , netdev@vger.kernel.org, linux-bluetooth@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH 4.14 0/1] Hardening against CVE-2023-2002 Message-ID: <2023053030-moaning-endanger-ac26@gregkh> References: <20230530131740.269890-1-dragos.panait@windriver.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20230530131740.269890-1-dragos.panait@windriver.com> X-Spam-Status: No, score=-7.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org On Tue, May 30, 2023 at 04:17:39PM +0300, Dragos-Marian Panait wrote: > The following commit is needed to harden against CVE-2023-2002: > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=000c2fa2c144c499c881a101819cf1936a1f7cf2 > > Ruihan Li (1): > bluetooth: Add cmd validity checks at the start of hci_sock_ioctl() > > net/bluetooth/hci_sock.c | 28 ++++++++++++++++++++++++++++ > 1 file changed, 28 insertions(+) > > > base-commit: b3f141a5bc7f877e96528dd31a139854ec4d6017 > -- > 2.40.1 > Nit, for 1 patch series, no need for a cover letter, you can put the same info below the --- line if that's easier. thanks, greg k-h