oss-sec mailing list archives
Re: TTY pushback vulnerabilities / TIOCSTI
From: Eddie Chapman <eddie () ehuk net>
Date: Mon, 8 Jan 2024 11:58:06 +0000
Jakub Wilk wrote:
* Hanno Böck <hanno () hboeck de>, 2023-03-24 19:56:Here's a proposed patch to restrict access to the dangerous functionality.This patch has been included in Linux v6.7: https://git.kernel.org/linus/8d1b43f6a6df7bcea20982ad376a000d90906b42 -- Jakub Wilk
FWICT neither this nor the 2022 TIOCSTI patch https://git.kernel.org/linus/83efeeeb3d04b22aaed1df99bc70a48fe9d22c4d have been backported to any earlier kernels (yet).I'd like to ask, does anyone know if any other work was needed in 6.2 and/or 6.7 in addition to these 2 simple patches? They weren't part of a series, or have necessary prerequisite patches, right?
I've no idea nor wish to comment on whether either of them should/should not be backported. However, each by themselves look quite minimal and straightforward. On the face of it, anyone building their own older kernel could probably easily backport either of them if they wanted, if indeed this is all that is needed.
Eddie
Current thread:
- Re: TTY pushback vulnerabilities / TIOCSTI Jakub Wilk (Jan 07)
- Re: TTY pushback vulnerabilities / TIOCSTI Eddie Chapman (Jan 08)
- Re: TTY pushback vulnerabilities / TIOCSTI Jakub Wilk (Jan 16)