[SRU,Focal,Jammy,OEM-6.1,Lunar,Mantic,0/1] CVE-2023-5717

Message ID 20231025205611.1626111-1-cascardo@canonical.com

Message

Thadeu Lima de Souza Cascardo Oct. 25, 2023, 8:56 p.m. UTC
[Impact]
Users with access to perf (CAP_PERFMON) or unprivileged users on systems
where sysctl kernel.perf_event_paranoid is less than 1 may escalate
privileges.

[Backport]
All clean cherry-picks, but could not apply cleanly (except with --3way),
hence the multiple submissions.

[Potential regressions]
performance monitoring (perf command) may break.

Peter Zijlstra (1):
  perf: Disallow mis-matched inherited group reads

 include/linux/perf_event.h |  1 +
 kernel/events/core.c       | 39 ++++++++++++++++++++++++++++++++------
 2 files changed, 34 insertions(+), 6 deletions(-)

Comments

Roxana Nicolescu Oct. 26, 2023, 11:45 a.m. UTC | #1
On 25/10/2023 22:56, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> Users with access to perf (CAP_PERFMON) or unprivileged users on systems
> where sysctl kernel.perf_event_paranoid is less than 1 may escalate
> privileges.
>
> [Backport]
> All clean cherry-picks, but could not apply cleanly (except with --3way),
> hence the multiple submissions.
>
> [Potential regressions]
> performance monitoring (perf command) may break.
>
> Peter Zijlstra (1):
>    perf: Disallow mis-matched inherited group reads
>
>   include/linux/perf_event.h |  1 +
>   kernel/events/core.c       | 39 ++++++++++++++++++++++++++++++++------
>   2 files changed, 34 insertions(+), 6 deletions(-)
>
Acked-by: Roxana Nicolescu <roxana.nicolescu@canonical.com>

Timo Aaltonen Oct. 27, 2023, 6:18 a.m. UTC | #2
Thadeu Lima de Souza Cascardo wrote on 25.10.2023 at 23.56:
> [Impact]
> Users with access to perf (CAP_PERFMON) or unprivileged users on systems
> where sysctl kernel.perf_event_paranoid is less than 1 may escalate
> privileges.
> 
> [Backport]
> All clean cherry-picks, but could not apply cleanly (except with --3way),
> hence the multiple submissions.
> 
> [Potential regressions]
> performance monitoring (perf command) may break.
> 
> Peter Zijlstra (1):
>    perf: Disallow mis-matched inherited group reads
> 
>   include/linux/perf_event.h |  1 +
>   kernel/events/core.c       | 39 ++++++++++++++++++++++++++++++++------
>   2 files changed, 34 insertions(+), 6 deletions(-)
> 

applied to oem-6.1, thanks

Stefan Bader Oct. 27, 2023, 8:56 a.m. UTC | #3
On 25.10.23 22:56, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> Users with access to perf (CAP_PERFMON) or unprivileged users on systems
> where sysctl kernel.perf_event_paranoid is less than 1 may escalate
> privileges.
> 
> [Backport]
> All clean cherry-picks, but could not apply cleanly (except with --3way),
> hence the multiple submissions.
> 
> [Potential regressions]
> performance monitoring (perf command) may break.
> 
> Peter Zijlstra (1):
>    perf: Disallow mis-matched inherited group reads
> 
>   include/linux/perf_event.h |  1 +
>   kernel/events/core.c       | 39 ++++++++++++++++++++++++++++++++------
>   2 files changed, 34 insertions(+), 6 deletions(-)
> 

Acked-by: Stefan Bader <stefan.bader@canonical.com>

Roxana Nicolescu Oct. 27, 2023, 11:33 a.m. UTC | #4
On 25/10/2023 22:56, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> Users with access to perf (CAP_PERFMON) or unprivileged users on systems
> where sysctl kernel.perf_event_paranoid is less than 1 may escalate
> privileges.
>
> [Backport]
> All clean cherry-picks, but could not apply cleanly (except with --3way),
> hence the multiple submissions.
>
> [Potential regressions]
> performance monitoring (perf command) may break.
>
> Peter Zijlstra (1):
>    perf: Disallow mis-matched inherited group reads
>
>   include/linux/perf_event.h |  1 +
>   kernel/events/core.c       | 39 ++++++++++++++++++++++++++++++++------
>   2 files changed, 34 insertions(+), 6 deletions(-)
>
Applied to f,j,l,m:master-next. Thanks!

Roxana