blob: fb727027f2b411b6a72867858332ace6df8c2e8d (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
Description: bpf/verifier: Fix states_equal() comparison of pointer and UNKNOWN
References:
Notes:
carnil> Ben's commit message states "This was fixed differently upstream,
carnil> but the code around here waslargely rewritten in 4.14 by commit
carnil> f1174f77b50c "bpf/verifier: rework value tracking". The bug can be
carnil> detected by the bpf/verifier sub-test "pointer/scalar confusion in
carnil> state equality check (way 1)"."
carnil> how was it fixed? Which upstream commit?
carnil> So needs to be checked if 179d1c5602997fef5a940c6ddcf31212cbfebd14
carnil> fixed that problem.
bwh> I know that the test case was fixed upstream and in sid by the recent
bwh> series of fixes, so have marked this as released even though I'm not
bwh> absolutely certain that this is the specific commit that fixed it.
Bugs:
upstream: released (4.15-rc5) [179d1c5602997fef5a940c6ddcf31212cbfebd14]
4.9-upstream-stable: released (4.9.73) [37435f7e80ef9adc32a69013c18f135e3f434244]
3.16-upstream-stable: N/A "Vulnerable code introduced later"
3.2-upstream-stable: N/A "Vulnerable code introduced later"
sid: released (4.14.7-1) [bugfix/all/bpf-don-t-prune-branches-when-a-scalar-is-replaced-w.patch]
4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/bpf-verifier-fix-states_equal-comparison-of-pointer-and-unknown.patch]
3.16-jessie-security: N/A "Vulnerable code introduced later"
3.2-wheezy-security: N/A "Vulnerable code introduced later"
|