oss-sec mailing list archives

Re: Linux kernel: stack buffer overflow with controlled payload in get_options() function
From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 30 May 2017 09:36:22 -0600

On Tue, May 30, 2017 at 9:20 AM, Daniel Micay <danielmicay () gmail com> wrote:

> That's not what secure/verified boot means to everyone else, and
> there's nothing in mainline with those properties. To everyone else,
> it's not an arbitrary bureaucratic/marketing feature. It's
> verification of the whole base OS... i.e. Android, Android Things
> (Brillo), ChromeOS, iOS and sane embedded Linux systems. Likely
> Windows on mobile devices too, and I really doubt that Microsoft
> doesn't plan on verifying the userspace OS if they don't already.

Red Hat is only associated with this in so far as I happen to work for Red
Hat and I typically do the CVE assignments on the distros@ list (where this
issue was initially reported).
> Anyway, good luck with meaningless Red Hat security theatre. These
> "vulnerabilities" are just reinforcing the view that security people
> are foolish. There isn't disagreement that it's a meaningless feature
> with this level of incompleteness and yet a CVE is assigned for it?
> Okay then...

I suggest you take this issue up with MITRE/CVE Board (disclaimer: I'm also
on the CVE Board), they control CVE and the definitions of what is CVE
worthy, and in this case it largely falls under the "advertised/implied
security feature doesn't work as such". This is unlikely to change as it's
well established and has been used for over a decade.
> Sorry for thinking that this should be about something more than
> padding CVs and marketing materials.

I suggest then you take this up with the original researcher if you're
worried about people padding their CVs. This discussion isn't
productive/helpful and I suggest you take it off list.
-- 

Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: secalert () redhat com