Hi,

Can you confirm if any fix was made for this vulnerability?

Thanks,
ZDI

-----Original Message-----
From: Tom Rini <[email protected]>
Sent: Thursday, November 14, 2024 3:34 PM
To: Tony Dinh <[email protected]>
Cc: Michal Simek <[email protected]>; Wolfgang Wegner <[email protected]>; Thomas Weber <[email protected]>; Stefan Herbrechtsmeier <[email protected]>; Phil Sutter <[email protected]>; Siddarth Gore <[email protected]>; Luka Perkov <[email protected]>; Holger Brunck <[email protected]>; Heiko Schocher <[email protected]>; Evgeni Dobrev <[email protected]>; Stefan Roese <[email protected]>; Ilko Iliev <[email protected]>; Dave Purdy <[email protected]>; ZDI Disclosures Mailbox <[email protected]>; [email protected]
Subject: Re: ZDI-CAN-24679: New Vulnerability Report

On Thu, Nov 14, 2024 at 12:18:49PM -0800, Tony Dinh wrote:

> Hi Tom,
> Hi Stefan,
>
> On Thu, Nov 14, 2024 at 8:33 AM Tom Rini <[email protected]> wrote:
> >
> > On Thu, Nov 14, 2024 at 04:07:15PM +0100, Michal Simek wrote:
> >
> > > Hi,
> > >
> > > On 11/14/24 15:56, Tom Rini wrote:
> > > > On Thu, Nov 14, 2024 at 04:02:29AM +0000, [email protected] wrote:
> > > >
> > > > > Hi,
> > > > > Do you have any updates to share regarding this vulnerability report?
> > > >
> > > > Michal, microblaze-generic is the most active platform that enables
> > > > FS_JFFS2 by default and so vulnerable here. Can you find some
> > > > resources to look in to fixing this please? Thanks.
> > >
> > > We have actually discussed this recently and we have other issues
> > > with jffs2 and not going to fix it or recommend to use it.
> > > JFFS2 should be removed from our configs and it is also not under our
> > > regression.
> >
> > Ah OK, thanks. Adding a few more maintainers now then.
>
> Does this affect only boards that explicitly use CMD_JFFS2? how about
> boards that have not been converted to bootstd and still use "nand
> read" like this:
>
> include/configs/openrd.h
>
> #define CFG_EXTRA_ENV_SETTINGS "x_bootargs=console=ttyS0,115200 " \
> CONFIG_MTDPARTS_DEFAULT " rw ubi.mtd=2,2048\0" \
> "x_bootcmd_kernel=nand read 0x6400000 0x100000 0x300000\0" \

It's a problem for boards which read from JFFS2 in U-Boot, yes. So in the case of the kernel / etc being read from a raw location (or ubi or what-have-you), if FS_JFFS2 (or CMD_JFFS2, same list of platforms) is disabled the problem goes away. And if we're down to just a few lightly used platforms, we can just drop JFFS2 support.

Thanks!

-- 
Tom
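
The statement above that the problem goes away once FS_JFFS2 (or CMD_JFFS2) is disabled can be checked per board. The following is an added example, not part of the thread and not U-Boot code: it classifies the two symbols in Kconfig-style text and separates a generated `.config` from a defconfig, which does not list symbols left at their default. The function names and the sample inputs are assumptions constructed for illustration.

```python
import re

# Symbols named in the thread, written with the CONFIG_ prefix Kconfig uses.
JFFS2_SYMBOLS = ("CONFIG_FS_JFFS2", "CONFIG_CMD_JFFS2")
_SET = re.compile(r"^(CONFIG_\w+)=(.*)$")
_UNSET = re.compile(r"^# (CONFIG_\w+) is not set$")

def parse_config(text):
    """Map each symbol to its value, or to None for an 'is not set' line."""
    symbols = {}
    for raw in text.splitlines():
        line = raw.strip()
        m = _SET.match(line)
        if m:
            symbols[m.group(1)] = m.group(2).strip('"')
            continue
        m = _UNSET.match(line)
        if m:
            symbols[m.group(1)] = None
    return symbols

def jffs2_status(text, resolved):
    """Classify each JFFS2 symbol as 'enabled', 'disabled' or 'unknown'."""
    # resolved=True: a full generated .config, where an absent symbol is off.
    # resolved=False: a defconfig; an absent symbol may still default to y.
    symbols = parse_config(text)
    status = {}
    for name in JFFS2_SYMBOLS:
        if name not in symbols:
            status[name] = "disabled" if resolved else "unknown"
        elif symbols[name] == "y":
            status[name] = "enabled"
        else:
            status[name] = "disabled"
    return status

def reads_jffs2(text, resolved):
    """True if a JFFS2 symbol is enabled, None if undetermined, else False."""
    values = jffs2_status(text, resolved).values()
    if "enabled" in values:
        return True
    return None if "unknown" in values else False

# Constructed sample inputs, not copied from any real board configuration.
SAMPLE_RESOLVED_ON = "CONFIG_CMD_NAND=y\nCONFIG_FS_JFFS2=y\nCONFIG_CMD_JFFS2=y\n"
SAMPLE_RESOLVED_OFF = "CONFIG_CMD_NAND=y\n# CONFIG_FS_JFFS2 is not set\n"
SAMPLE_DEFCONFIG = "CONFIG_CMD_NAND=y\nCONFIG_CMD_UBI=y\n"

if __name__ == "__main__":
    print(reads_jffs2(SAMPLE_DEFCONFIG, resolved=False))
```

A `None` result for a defconfig means the answer has to come from the `.config` generated for that board, since a symbol enabled by default does not appear in the defconfig.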

