From: Hillf Danton
To: Dan Carpenter
Cc: Masami Ichikawa, cip-dev, linux-mm@kvack.org, linux-kernel@vger.kernel.org, lwn@lwn.net, smatch@ver.kernel.org
Subject: Re: Who is looking at CVEs to prevent them?
Date: Tue, 7 Mar 2023 19:00:29 +0800
Message-Id: <20230307110029.1947-1-hdanton@sina.com>
In-Reply-To: <59f7f076-a9d5-4bfb-a6da-bbe0a7567688@kili.mountain>

On 7 Mar 2023 12:51:14 +0300 Dan Carpenter
> On Thu, Jan 19, 2023 at 09:14:53AM +0900, Masami Ichikawa wrote:
> > CVE-2023-0210: ksmbd: check nt_len to be at least CIFS_ENCPWD_SIZE in
> > ksmbd_decode_ntlmssp_auth_blob
> >
> > 5.15, 6.0, and 6.1 were fixed.
> >
> > Fixed status
> > mainline: [797805d81baa814f76cf7bdab35f86408a79d707]
> > stable/5.15: [e32f867b37da7902685c9a106bef819506aa1a92]
> > stable/6.0: [1e7ed525c60d8d51daf2700777071cd0dfb6f807]
> > stable/6.1: [5e7d97dbae25ab4cb0ac1b1b98aebc4915689a86]
>
> Sorry, I have kind of hijacked the cip-dev email list... I use these
> lists to figure out where we are failing.
>
> I created a static checker warning for this bug. I also wrote a blog
> stepping through the process:
> https://staticthinking.wordpress.com/2023/03/07/triaging-security-bugs/
>
> If anyone wants to review the warnings, just email me and I can send
> them to you. I Cc'd LWN because I was going to post the warnings but I
> chickened out because that didn't feel like responsible disclosure. The

Given the syzbot reports only in the past three years for instance, the
chickening out sounds like a bit of an overreaction.

> instructions for how to find these yourself are kind of right there in
> the blog so it's not too hard to generate these results yourself... I
> don't really have enough time to review static checker warnings anymore
> but I don't know who wants to do that job now.

If you will post no more than three warnings a week after filtering, feel
free to add me to your Cc list, better with the leading [triage smatch
warning] on the subject line, the same way as the syzbot report.

Thanks
Hillf