Announcement

Collapse
No announcement yet.

Linux 6.1 To 6.5 Git Quietly Patched For "StackRot" Privilege Escalation Vulnerability

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Linux 6.1 To 6.5 Git Quietly Patched For "StackRot" Privilege Escalation Vulnerability

    Phoronix: Linux 6.1 To 6.5 Git Quietly Patched For "StackRot" Privilege Escalation Vulnerability

    It's now more clear why last week Linus Torvalds personally took to improving the Linux kernel's user-mode stack expansion code: it's necessary to address a now disclosed security vulnerability dubbed StackRot...

    Linux 6.1 To 6.5 Git Quietly Patched For "StackRot" Privilege Escalation Vulnerability - Phoronix
    https://www.phoronix.com/news/Linux-StackRot
    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
    Tags: None
    • Likes 1
  • #2
    It's also worth nothing that 6.4.x has a nasty regression which results in multiple applications crashing:
    217624 – [REGRESSION] Memory corruption in multithreaded user space program while calling fork
    https://bugzilla.kernel.org/show_bug.cgi?id=217624

    [Bug]: conky random freezes with no dmesg or debug info starting with kernel 6.4-rc · Issue #1544 · brndnmtthws/conky
    https://github.com/brndnmtthws/conky/issues/1544
    What happened? conky random freezes with no dmesg or debug info. Has to be killed with -9 to get rid of the process. This issues has been observed with kernel 6.4-rc. earlier versions work fine. Ve...


    The issue is currently being worked on, meanwhile if you absolutely need to use 6.4, recompile it without PER_VMA_LOCK if you're affected by it.
    • Likes 7

    Comment

    • #3
      You know it's important when the King (I use the term platonicly affectionately as a benevolent dictator) takes a hand at fixing the problem rather than leaving it to others.
      • Likes 2

      Comment

      • #4
        the clues were there, this is from linus's original most (emphasis mine)
        Anyway, I think I want to actually move all the stack expansion code to a whole new file of its own, rather than have it split up between mm/mmap.c and mm/memory.c, but since this will have to be backported to the initial maple tree vma introduction anyway, I tried to keep the patches _fairly_ minimal.
        • Likes 2

        Comment

        • #5
          anyone know how importeny to following fix in 6.1.38 are?
          Code:
          commit 296927dbae7d2418cfd65b98788cbec2fd48afa1
execve: always mark stack as growing down during early stack setup
          because debian mark it as fixed for 6.1.37. https://security-tracker.debian.org/...E-2023-3269​

          Comment

          • #6
            Linux 6.1.37, Linux 6.3.11, Linux 6.4.1, and Linux 6.5 Git are all safeguarded against StackRot thanks to Linus Torvalds' coding.
            I was wondering why Debian put 6.1.37 in the stable-security branch… Great job to everyone involved.

            Comment

            • #7
              A quick follow up: Linus has said per VMA locking is an essentially broken approach/concept and needs to be completely removed from the kernel.

              Whoa.

              https://lkml.org/lkml/2023/7/8/212


              And kernel 6.4 was released with it. And this feature/patchset is huge: https://lwn.net/Articles/919547/

              Ping your distro and ask them to disable PER_VMA_LOCK

              Comment

              Previous template Next
              Working...
              X