Re: 2015 kernel CVEs

From: One Thousand Gnomes
Date: Tue Jan 19 2016 - 09:56:50 EST

Next message: Alan Stern: "Re: [PATCH] usb: fix potential integer overflow in usb_sg_init"
Previous message: P L Sai Krishna: "[LINUX PATCH 5/5] mmc: host: Update the quirks for this controller."
In reply to: Dan Carpenter: "2015 kernel CVEs"
Next in thread: Ben Hutchings: "Re: [kernel-hardening] 2015 kernel CVEs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 19 Jan 2016 14:28:12 +0300
Dan Carpenter <dan.carpenter@xxxxxxxxxx> wrote:

> I like to look back over old CVEs to see how we could do better. Here
> is the list from 2015. I got most of this information from the Ubuntu
> CVE tracker. Thanks Ubuntu!. If it doesn't have a hash that means it
> might not be fixed yet.

That's the list of bugs originating in 2015. You need to go back further
to see some of the fun ones still present (CVE-2013-7445 for example)

> There was only a coupls CVEs that looks like they came from a filesystem
> fuzzer where you create a corrupt filesystems and then try use them.
> There was only one that might have come from a USB fuzzer. We probably
> should be testing those things better.

There are a bunch of those ignored in Bugzilla for years. I think the
ones for the mainstream file systems have all been tackled but things
like reiserfs don't survive fuzzing too well, which is a problem if your
distribution naÃvely builds in automounting support for people rooting
your box via USB stick.

Alan

Next message: Alan Stern: "Re: [PATCH] usb: fix potential integer overflow in usb_sg_init"
Previous message: P L Sai Krishna: "[LINUX PATCH 5/5] mmc: host: Update the quirks for this controller."
In reply to: Dan Carpenter: "2015 kernel CVEs"
Next in thread: Ben Hutchings: "Re: [kernel-hardening] 2015 kernel CVEs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]