Re: REJECTED: CVE-2025-0927: heap overflow in the hfs and hfsplus filesystems with manually crafted filesystem

From: Dmitry Vyukov
Date: Fri May 09 2025 - 03:20:50 EST

Next message: Amir Goldstein: "Re: [PATCH v3 2/3] fs: fuse: add backing_files control file"
Previous message: Jakob Unterwurzacher: "[PATCH] net: dsa: microchip: linearize skb for tail-tagging switches"
Next in thread: Greg KH: "Re: REJECTED: CVE-2025-0927: heap overflow in the hfs and hfsplus filesystems with manually crafted filesystem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> CVE-2025-0927 has now been rejected and is no longer a valid CVE.

> Filesystem bugs due to corrupt images are not considered a CVE for any
> filesystem that is only mountable by CAP_SYS_ADMIN in the initial user
> namespace. That includes delegated mounting.

I wonder if this should be the case only if the image is flagged by fsck
as corrupted? Otherwise I am not sure what's "trusted". It's not about
somebody's "honest eyes", right. E.g. in the context of insider risks
the person providing an image may be considered "trusted", or in the
context of Zero Trust Architecture nothing at all is considered trusted,
or a trusted image may be tampered with while stored somewhere.

Without any formal means to classify an image as corrupted or not,
this approach does not look very practical to me. While flagging by fsck
gives concrete workflow for any context that requires more security.

Next message: Amir Goldstein: "Re: [PATCH v3 2/3] fs: fuse: add backing_files control file"
Previous message: Jakob Unterwurzacher: "[PATCH] net: dsa: microchip: linearize skb for tail-tagging switches"
Next in thread: Greg KH: "Re: REJECTED: CVE-2025-0927: heap overflow in the hfs and hfsplus filesystems with manually crafted filesystem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]