Re: CVE-2022-1419: Linux kernel: A concurrency use-after-free in vgem_gem_dumb_create

[Greg KH <greg () kroah com>]

On Fri, Apr 22, 2022 at 09:05:50AM +0200, Marcus Meissner wrote:
> On Thu, Apr 21, 2022 at 07:35:46PM +0200, Greg KH wrote:
> > On Thu, Apr 21, 2022 at 11:44:54PM +0800, Minh Yuan wrote:
> > > Timeline:
> > > * 21.04.22 - Vulnerability reported to security () kernel org and
> > > linux-distros () vs openwall org
> > > * 21.04.22 - CVE-2022-1419 assigned.
> >
> > Why are people assigning CVEs to things that require root permissions?
> > Or are there distros running on kernels older than 5.4 that allow
> > untrusted users access to the drm ioctls directly?
> >
> > I'm curious as it would affect the backporting of the needed fixes here
> > (or not.)
>
> It does not, distros like SUSE give out ACLs or groups write perms to /dev/dri/card0
> to it via udev.
>
> crw-rw----+ 1 root video 226, 0 Apr 22 08:47 /dev/dri/card0
>
> getfacl /dev/dri/card0
>
> # file: dev/dri/card0
> # owner: root
> # group: video
> user::rw-
> user:marcus:rw-
> group::rw-
> mask::rw-
> other::---

Ok, so this is an issue for older kernels, I'll try to bump it up my
priority list for backports, but I would really like some help from
those distros still relying on those older kernels for this work.
Especially for testing.

thanks,

greg k-h