Received: by 2002:a05:6602:18e:0:0:0:0 with SMTP id m14csp5176996ioo; Tue, 31 May 2022 23:03:57 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyt96dgNU+OBBo6WK2Dw1K79t1FxIVwh/D8LCGH4r0WLLEnnwRVlME/40FAY/Aw3SiIgRU7 X-Received: by 2002:aa7:c79a:0:b0:42a:762e:769c with SMTP id n26-20020aa7c79a000000b0042a762e769cmr68449313eds.155.1654063437732; Tue, 31 May 2022 23:03:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1654063437; cv=none; d=google.com; s=arc-20160816; b=mZzPK+VjJHJhOtASY87mfiSl9Cb2tjBaXWvXrakGtlwA3BXsKfKy3S3dyk21EFHFX0 mWgjKTEKrlApdtbl3mmt9p7kGjiMYpTGdkqFqkkLkBemE5Zz76S6naBRTdIEfaIBDsMs Uk3RpZwiafoglIUh7KfYKLR1y5xrzHErGJE4dlZesteTanNsN2JF6lLBG/jUD+MgJLZQ zGIMzHphd161tsHAt19ExbaB613DzbHHGLkJbGyvPifthSZpyt2ic4JSI3+ydSA93lB+ dimRrLGUe0c1gpO0L1xRFeWjBR49KcnmqAge157Y9h1CJ1BT8iBA4ybvEQ+ajhMW+A2i btcw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:subject:user-agent:mime-version:date:message-id; bh=dbdHKNGlBJ1PPdwnQrqHwiQUT9zzwvyCrlsCHEC7CLA=; b=ySsYoGJe2bJURYXh55ewn8FpeuA2tullpKcip+ZeeBZ32GTU8FjHCUyHTYuKZAPal6 DvpjOTMA7Bnf0hGKwOxlurB5xQY4y5ycQ32Gm0TtDeL3gaL+6ZjNSr7PLBU4BUe1Jyd1 NntJDLnHtFkiTzE2j6SMHuvsR1kzAwPSfUCWt/fjp0KEqjH+Dm8kNMuxktqK+zPrtx1i zEufVgdTWryTmElltmsneSfQ4Wi9fTmtLz4S9VZjn4KDlWUj4wpaB/A7E7RX7FXkoqWz iC88MTGbl7tfRRjjKZW8zHvbkfk6vNc6X4FsImtU/88ujlRs58yDw8sllnidNCNRqbUI cnxg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id nc21-20020a1709071c1500b006ff015a12easi1192112ejc.828.2022.05.31.23.03.20; Tue, 31 May 2022 23:03:57 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S244948AbiEaIrK (ORCPT + 99 others); Tue, 31 May 2022 04:47:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56864 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S244908AbiEaIrJ (ORCPT ); Tue, 31 May 2022 04:47:09 -0400 Received: from szxga01-in.huawei.com (szxga01-in.huawei.com [45.249.212.187]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7E6C217AB6; Tue, 31 May 2022 01:47:03 -0700 (PDT) Received: from kwepemi500008.china.huawei.com (unknown [172.30.72.53]) by szxga01-in.huawei.com (SkyGuard) with ESMTP id 4LC5Tw5swWzjX4r; Tue, 31 May 2022 16:46:12 +0800 (CST) Received: from kwepemm600015.china.huawei.com (7.193.23.52) by kwepemi500008.china.huawei.com (7.221.188.139) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.24; Tue, 31 May 2022 16:47:01 +0800 Received: from [10.174.176.52] (10.174.176.52) by kwepemm600015.china.huawei.com (7.193.23.52) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.24; Tue, 31 May 2022 16:47:01 +0800 Message-ID: <7e1c6bd7-e97e-7a94-662d-481d94c0d1d9@huawei.com> Date: Tue, 31 May 2022 16:47:00 +0800 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.2.1 Subject: Re: [PATCH -next 0/2] fix nfsv4 bugs of opening with O_ACCMODE flag To: Lyu Tao CC: "linux-nfs@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "bjschuma@netapp.com" , "anna@kernel.org" , Trond Myklebust , "liuyongqiang13@huawei.com" , "yi.zhang@huawei.com" , "zhangxiaoxu5@huawei.com" References: <20220329113208.2466000-1-chenxiaosong2@huawei.com> <68b65889-3b2c-fb72-a0a8-d0afc15a03e0@huawei.com> <0b6546f7-8a04-9d6e-50c3-483c8a1a6591@huawei.com> <3ee78045f18b4932b1651de776ee73c4@epfl.ch> <55415e44b4b04bbfa66c42d5f2788384@epfl.ch> <88231dee-760f-b992-f1d1-81309076071e@huawei.com> <67d6a536-9027-1928-99b6-af512a36cd1a@huawei.com> <018da3c0453845329d5ae2ec8924af06@epfl.ch> <0a0ed6d1f34f49a9b847cb2891876d27@epfl.ch> From: "chenxiaosong (A)" In-Reply-To: <0a0ed6d1f34f49a9b847cb2891876d27@epfl.ch> Content-Type: text/plain; charset="UTF-8"; format=flowed Content-Transfer-Encoding: 8bit X-Originating-IP: [10.174.176.52] X-ClientProxiedBy: dggems703-chm.china.huawei.com (10.3.19.180) To kwepemm600015.china.huawei.com (7.193.23.52) X-CFilter-Loop: Reflected X-Spam-Status: No, score=-7.0 required=5.0 tests=BAYES_00,NICE_REPLY_A, RCVD_IN_DNSWL_MED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org I do not know other ways to update the description, you can try to send email to CVE-Request@mitre.org again. 在 2022/5/31 16:16, Lyu Tao 写道: > Hi Xiaosong, > > I sent the first email on 05.05.2022 to CVE-Request@mitre.org to require them update the description with the following information. They replied that they will update the information within that day. However, they didn't updated the description and then I sent the second email and they didn't reply me. > > Do you know any other ways to update the description. > > > "I need to update the CVE description as below: > After secondly opening a file with O_ACCMODE|O_DIRECT flags, nfs4_valid_open_stateid() will dereference NULL nfs4_state when lseek(). > And its references should be updated as this: > https://github.com/torvalds/linux/commit/ab0fc21bc7105b54bafd85bd8b82742f9e68898a " > > Best, > Tao > >> From: chenxiaosong (A) >> Sent: Tuesday, May 31, 2022 8:40 AM >> To: Lyu Tao >> Cc: linux-nfs@vger.kernel.org; linux-kernel@vger.kernel.org; bjschuma@netapp.com; anna@kernel.org; Trond Myklebust; liuyongqiang13@huawei.com; yi.zhang@huawei.com; zhangxiaoxu5@huawei.com >> Subject: Re: [PATCH -next 0/2] fix nfsv4 bugs of opening with O_ACCMODE flag >> >> Hi Tao: >> >> "NVD Last Modified" date of >> [CVE-2022-24448](https://nvd.nist.gov/vuln/detail/CVE-2022-24448) is >> already updated to 05/12/2022, but the description of the cve is still >> wrong, and the hyperlink of [unrelated patch: NFSv4: Handle case where >> the lookup of a directory >> fails](https://github.com/torvalds/linux/commit/ac795161c93699d600db16c1a8cc23a65a1eceaf) >> is still shown in the web. >> >> There is two fix patches of the cve, the web just show one of my patches. >> >> one patch is already shown in the web: [Revert "NFSv4: Handle the >> special Linux file open access >> mode"](https://github.com/torvalds/linux/commit/ab0fc21bc7105b54bafd85bd8b82742f9e68898a) >> >> second patch is not shown in the web: [NFSv4: fix open failure with >> O_ACCMODE >> flag](https://github.com/torvalds/linux/commit/b243874f6f9568b2daf1a00e9222cacdc15e159c) >> >> 在 2022/5/6 15:40, Lyu Tao 写道: >>>> From: chenxiaosong (A) >>>> Sent: Thursday, May 5, 2022 4:48 AM >>>> To: Lyu Tao >>>> Cc: linux-nfs@vger.kernel.org; linux-kernel@vger.kernel.org; bjschuma@netapp.com; anna@kernel.org; Trond Myklebust; liuyongqiang13@huawei.com; yi.zhang@huawei.com; zhangxiaoxu5@huawei.com >>>> Subject: Re: [PATCH -next 0/2] fix nfsv4 bugs of opening with O_ACCMODE flag >>> >>>> "NVD Last Modified" date of CVE-2022-24448 is updated as 04/29/2022, but the content of the cve is old. >>>> https://nvd.nist.gov/vuln/detail/CVE-2022-24448 >>> >>> Hi, >>> >>> Thanks for reaching out. >>> >>> I've requested to update the CVE description and they replied me that it would be updated yesterday. Maybe the system need some time to reflesh. Let's wait a few more days. >>> >>> Best, >>> Tao. >>> > > > > > > > . >