On Mon, Jun 02, 2025 at 01:45:02PM +0200, Christian Brauner wrote: > On Mon, Jun 02, 2025 at 11:32:44AM +0200, Greg Kroah-Hartman wrote: > > On Mon, Jun 02, 2025 at 11:09:05AM +0200, Christian Brauner wrote: > > > On Fri, May 30, 2025 at 10:44:16AM +0100, Luca Boccassi wrote: > > > > Dear stable maintainer(s), > > > > > > > > The following series was merged for 6.16: > > > > > > > > https://lore.kernel.org/all/20250414-work-coredump-v2-0-685bf231f828@xxxxxxxxxx/ > > > > > > > > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c57f07b235871c9e5bffaccd458dca2d9a62b164 > > > > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=95c5f43181fe9c1b5e5a4bd3281c857a5259991f > > > > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b5325b2a270fcaf7b2a9a0f23d422ca8a5a8bdea > > > > > > > > This allows the userspace coredump handler to get a PIDFD referencing > > > > the crashed process. > > > > > > > > We have discovered that there are real world exploits that can be used > > > > to trick coredump handling userspace software to act on foreign > > > > processes due to PID reuse attacks: > > > > > > > > https://security-tracker.debian.org/tracker/CVE-2025-4598 > > > > > > > > We have fixed the worst case scenario, but to really and > > > > comprehensively fix the whole problem we need this new %F option. We > > > > have backported the userspace side to the systemd stable branch. Would > > > > it be possible to backport the above 3 patches to at least the 6.12 > > > > series, so that the next Debian stable can be fully covered? The first > > > > two are small bug fixes so it would be good to have them, and the > > > > third one is quite small and unless explicitly configured in the > > > > core_pattern, it will be inert, so risk should be low. > > > > > > I agree that we should try and backport this if Greg agrees we can do > > > this. v6.15 will be easy to do. Further back might need some custom work > > > though. Let's see what Greg thinks. > > > > Yes, seems like a good thing to backport to at least 6.12.y if possible. > > > > Is it just the above 3 commits? > > Yes, just those three: > > b5325b2a270f ("coredump: hand a pidfd to the usermode coredump helper") > 95c5f43181fe ("coredump: fix error handling for replace_fd()") > c57f07b23587 ("pidfs: move O_RDWR into pidfs_alloc_file()") > > That should apply cleanly to v6.15 but for the others it requires custom > backports. So here are a couple of trees all based on linux-*.*.y from > the stable repo. You might need to adjust to your stable commit message > format though: > > v6.12: > https://github.com/brauner/linux-stable/tree/vfs-6.12.coredump.pidfd So that would be: git pull https://github.com/brauner/linux-stable.git vfs-6.12.coredump.pidfd ? Can I get a signed tag so I know that I can trust a github.com account? Also, 6.14.y didn't work all that well, let me see if I can get that to work on my own like I did for 6.15.y (the pidfs patch needed to be manually applied...) thanks, greg k-h
