NAK/cmnt: [PATCH 0/1] [SRU xenial/linux] CVE-2018-7273

Kleber Souza kleber.souza at canonical.com
Wed May 5 09:17:50 UTC 2021


On 24.02.21 21:01, Tim Gardner wrote:
> [Impact]
> In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of
> kernel functions and global variables using printk calls within the function
> show_floppy in drivers/block/floppy.c. An attacker can read this information
> from dmesg and use the addresses to find the locations of kernel code and data
> and bypass kernel security protections such as KASLR.
> 
> Canonical kernel team: According to the commit log there are thousands of call
> sites using '%p', each of which could expose internal memory addresses. The
> upstream solution was to hash all addresses printed using an unadorned '%p'.
> This issue appears to be much broader than just the floppy disk driver.
> 
> [Test Case]
> Boot tested on bare metal.
> 
> [Potential regression]
> Simple backport. This patch was introduced in v4.15.
> 
> 

Xenial has EOL'ed and we won't be applying further patches from this mailing-list.

Thanks,
Kleber
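
The quoted cover letter describes the exposure as any printk format string with an unadorned '%p'. The following is an added example, not code from this thread or from the kernel tree: a small auditor that lists such conversions in C source. It assumes the kernel convention that an alphanumeric character directly after `%p` selects an extension (such as `%pK` or `%pS`); the function name and the sample source are constructed for illustration.

```python
import re

# A C string literal on one line, allowing escaped characters such as \" and \n.
STRING_LITERAL = re.compile(r'"(?:\\.|[^"\\])*"')

# Either a literal "%%", or a %p conversion (optional flags and width) that is
# NOT followed by an alphanumeric extension character. Group 1 is set only
# for the unadorned %p case.
CONVERSION = re.compile(r'%(?:%|[-+ #0]*(?:\d+|\*)?(p)(?![A-Za-z0-9]))')


def find_unadorned_p(source):
    """Return (line_number, conversion) for every plain %p in string literals."""
    hits = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        for literal in STRING_LITERAL.finditer(line):
            for conv in CONVERSION.finditer(literal.group(0)):
                if conv.group(1):  # skip "%%", keep unadorned %p
                    hits.append((lineno, conv.group(0)))
    return hits


# Constructed sample input (not taken from drivers/block/floppy.c).
SAMPLE = r'''
static void show_state(struct work_struct *w, void *handler)
{
	pr_info("work.func = %p\n", w->func);         /* unadorned */
	pr_info("handler = %pS\n", handler);          /* symbol extension */
	pr_info("timer = %pK, load 100%%p\n", w);     /* %pK and a literal %% */
	printk(KERN_DEBUG "buf=%16p len=%d\n", w, 4); /* width, still unadorned */
}
'''

if __name__ == "__main__":
    for lineno, conv in find_unadorned_p(SAMPLE):
        print(f"line {lineno}: {conv}")
```

On a kernel without the upstream hashing change, each reported line is a candidate for review; on a kernel with it, the same lines print hashed values.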


