Issue metadata
Sign in to add a comment
|
CVE-2017-17862 CrOS: Vulnerability reported in Linux kernel |
||||||||||||||||||||||
Issue descriptionVOMIT (go/vomit) has received an external vulnerability report for the Linux kernel. Advisory: CVE-2017-17862 Details: http://vomit.googleplex.com/advisory?id=CVE/CVE-2017-17862 CVSS severity score: 4.9/10.0 Description: kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service. This bug was filed by http://go/vomit Please contact us at vomit-team@google.com if you need any assistance.
,
Jan 10 2018
Already fixed in both chromeos-4.4 and chromeos-4.14 with stable release merges.
,
Jan 10 2018
,
Jan 10 2018
@groeck can you paste commit for 4.4? I'm not able to locate in 4.4 stable-tree.
,
Jan 11 2018
#4: Thanks for having another look. I messed that one up. No idea where I got the idea from that it is fixed in 4.4.
,
Jan 11 2018
Problem with 4.4 may be that this doesn't apply; the code changes are too substantial. We would have to effectively re-implement the code. We'll need to discuss if this is worth it given the low severity of the problem.
,
Jan 11 2018
Per the description in commit c131187db2d3fa2f8bf3, this only creates a problem if BPF_JIT is enabled. However, BPF_JIT is not enabled in Chrome OS or Lakitu. Given that, due to the complexity of fixing the problem (assuming it applies) in chromeos-4.4, and since this is a low severity bug, marking it as WontFix again.
,
Jan 11 2018
Great! No need to backport. |
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by groeck@chromium.org
, Jan 10 2018Labels: Security_Severity-Low Security_Impact-None M-65 Pri-2
Owner: groeck@chromium.org
Status: ExternalDependency (was: Untriaged)