| Rich Freeman via plug on 14 Aug 2025 06:07:33 -0700 |
| Re: [PLUG] Full Kernel-Level Control from Chrome Sandbox |
On 8/13/2025 3:46 PM, George A. Theall via plug wrote:
> On Wed, Aug 13, 2025 at 09:07:00AM -0400, Walt Mankowski via plug wrote:
>> On Wed, Aug 13, 2025 at 01:02:11PM +0000, Rich Freeman via plug wrote:
>>> From the article:
>>>
>>> > *Patch, Patch, Patch:* The fix is already upstream. As of kernel version 6.9.8 <https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.9.8>, the memory management bug in |MSG_OOB| has been patched.
>>>
>>> That's ancient. 6.9 isn't even a maintained kernel version. There is already a 6.12 longterm. This was fixed more than a year ago. This is interesting of course, but unless you have some embedded system without any updates you'd have to be incredibly lax to have a year old kernel.
>>
>> Interesting. That article made it seem like it had been introduced in 6.9 and was exploitable in all the kernels after that.
>
> The CVE references https://project-zero.issues.chromium.org/issues/423023990, which says:
>
> "Fixed in these stable releases on 2025-07-06 (note that 6.12 and 6.15 are the only stable kernels where this actually has security impact): 6.1.143 6.6.96 6.12.36 6.15.5"

Yeah, I was going by the original article that referenced 6.9.8 as the location of the fix.
That said, the quote above doesn't necessarily mean what many might think. If it is fixed in 6.15.5, that doesn't necessarily mean that it isn't also fixed in 6.15.4. Given that they just listed all the stable kernels they seem to support (including ones before the bug was introduced), they might just be saying that all their production kernels are fine right now.
It wouldn't be the first time I saw a lot of security news over an issue that was fixed a long time ago. Honestly, I can't really be bothered to go track down the actual commits and where it was fixed in each kernel branch since either way everything I own was fixed either weeks or months ago. Zero days that require scrambling definitely do happen, but most news disclosures happen after issues are fixed via normal updates.
-- Rich
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
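
The fixed-release list quoted in this thread, turned into a per-branch check of a kernel release string. This is an added example, not code from any poster or from Project Zero; the function name, result labels and sample release strings are constructed here. A result of `older-than-listed-fix` only says the release predates the listed one, which, as the message above points out, does not prove the fix is absent (distribution kernels may also carry backports).

```shell
#!/bin/sh
# Fixed stable releases as quoted in the thread; per the same quote, only the
# 6.12 and 6.15 branches have actual security impact.
FIXED="6.1.143 6.6.96 6.12.36 6.15.5"
IMPACTED="6.12 6.15"

# classify_kernel RELEASE  (hypothetical helper) prints one of:
#   at-or-past-listed-fix | older-than-listed-fix |
#   older-no-impact-per-quote | branch-not-listed | unparsable
classify_kernel() {
    rel=${1%%[!0-9.]*}              # "6.12.35-1-amd64" -> "6.12.35"
    case $rel in
        [0-9]*.[0-9]*) ;;
        *) echo unparsable; return 0 ;;
    esac
    major=${rel%%.*}
    rest=${rel#*.}
    minor=${rest%%.*}
    case $rest in
        *.*) patch=${rest#*.}; patch=${patch%%.*} ;;
        *)   patch=0 ;;             # "6.12" with no patch level
    esac
    [ -n "$patch" ] || patch=0
    branch="$major.$minor"
    for f in $FIXED; do
        [ "${f%.*}" = "$branch" ] || continue
        if [ "$patch" -ge "${f##*.}" ]; then
            echo at-or-past-listed-fix
        else
            case " $IMPACTED " in
                *" $branch "*) echo older-than-listed-fix ;;
                *)             echo older-no-impact-per-quote ;;
            esac
        fi
        return 0
    done
    # Branch absent from the quoted list (for example 6.9): the list says nothing.
    echo branch-not-listed
}

# Constructed sample release strings, followed by the running kernel.
for r in 6.12.35-1-amd64 6.15.5-arch1-1 6.6.95 6.9.8 "$(uname -r)"; do
    printf '%-20s %s\n' "$r" "$(classify_kernel "$r")"
done
```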