CVE-2025-21830: landlock: Handle weird files
Greg Kroah-Hartman
gregkh at linuxfoundation.org
Mon Mar 10 14:36:04 UTC 2025
On Mon, Mar 10, 2025 at 01:00:50PM +0100, Mickaël Salaün wrote:
> Hi Greg,
>
> FYI, I don't think this patch fixes a security issue. If attackers can
> corrupt a filesystem, then they should already be able to harm the whole
> system.
>
> The commit description might be a bit confusing, but from an access
> control point of view, the filesystem on which we spotted this issue
> (bcachefs) does not allow to open weird files (but they are still
> visible, hence this patch) and I guess it would be the same for other
> filesystems, right? I'm not sure how a weird file could be used by user
> space. See
> https://lore.kernel.org/all/Zpc46HEacI%2Fwd7Rg@dread.disaster.area/
>
> The goal of this fix was mainly to not warn about a bcachefs issue (and
> avoid related syzkaller report for Landlock), and to harden Landlock in
> case other filesystems have this kind of bug.
It was issue a CVE because the reviewers thought that it was a way to
circumvent the landlock permission checks, based on the changelog text
(note, creating a "corrupted filesystem" is quite easy to get many Linux
systems to auto-mount it, so those types of issues do get assigned
CVEs.)
If you all do not think this meets the definition of a vulnerability as
defined by CVE.org as:
An instance of one or more weaknesses in a Product that can be
exploited, causing a negative impact to confidentiality, integrity, or
availability; a set of conditions or behaviors that allows the
violation of an explicit or implicit security policy.
We will be glad to revoke it, just let us know.
thanks,
greg k-h
More information about the Linux-security-module-archive
mailing list