[LTP] [PATCH v1 1/1] runtest/cve: Add some existing CVE tests to runtest file
Li Wang
liwang@redhat.com
Tue Jun 20 10:34:46 CEST 2023
Hi Souta and Cyril,
On Tue, Jun 20, 2023 at 4:13 PM Souta Kawahara <
souta.kawahara@miraclelinux.com> wrote:
> Signed-off-by: Souta Kawahara <souta.kawahara@miraclelinux.com>
> ---
> runtest/cve | 13 +++++++++++++
> 1 file changed, 13 insertions(+)
>
> diff --git a/runtest/cve b/runtest/cve
> index f9a449fe7..aa10093c0 100644
> --- a/runtest/cve
> +++ b/runtest/cve
> @@ -19,11 +19,13 @@ cve-2016-10044 cve-2016-10044
> cve-2017-2618 cve-2017-2618
> cve-2017-2636 pty05
> cve-2017-2671 cve-2017-2671
> +cve-2017-5669 shmat03
>
This one looks like being dropped from the CVE list purposely,
according to:
commit 2588dafd4651706ed7ae34ae3b744b0ee8cd6384
Author: Cyril Hrubis <chrubis@suse.cz>
Date: Wed Aug 14 14:13:28 2019 +0200
syscalls/shmat03: Remove it from runtest/cve
The original POC[1] and CVE-2017-5669 are not tested by this test
anymore as it turned out that the CVE was bogus. See:
https://marc.info/?l=linux-mm&m=152510978123755&w=2
And the test became regression test for:
commit 8f89c007b6dec16a1793cb88de88fcc02117bbbc
Author: Davidlohr Bueso <dave@stgolabs.net>
Date: Fri May 25 14:47:30 2018 -0700
ipc/shm: fix shmat() nil address after round-down when remapping
Hence we will keep the test but remove it from the CVE runtest file and
adjust
the top level comment in the test code.
[1] https://bugzilla.kernel.org/attachment.cgi?id=252511
from https://bugzilla.kernel.org/show_bug.cgi?id=192931
cve-2017-5754 meltdown
> cve-2017-6951 request_key05
> cve-2017-7308 setsockopt02
> cve-2017-7472 keyctl04
> cve-2017-7616 set_mempolicy05
> +cve-2017-8890 accept02
> cve-2017-10661 timerfd_settime02
> cve-2017-12192 keyctl07
> cve-2017-12193 add_key04
> @@ -41,16 +43,19 @@ cve-2017-17805 af_alg02
> cve-2017-17806 af_alg01
> cve-2017-17807 request_key04
> cve-2017-18075 pcrypt_aead01
> +cve-2017-18344 timer_create03
> cve-2017-1000111 setsockopt07
> cve-2017-1000112 setsockopt05
> cve-2017-1000364 stack_clash
> cve-2017-1000380 snd_timer01
> cve-2017-1000405 thp04
> cve-2018-5803 sctp_big_chunk
> +cve-2018-6927 futex_cmp_requeue02
> cve-2018-7566 snd_seq01
> cve-2018-8897 ptrace09
> cve-2018-9568 connect02
> cve-2018-10124 kill13
> +cve-2018-11508 adjtimex03
> cve-2018-12896 timer_settime03
> cve-2018-13405 creat09
> cve-2018-18445 bpf_prog04
> @@ -66,15 +71,23 @@ cve-2020-14386 sendto03
> cve-2020-14416 pty03
> cve-2020-25705 icmp_rate_limit01
> cve-2020-29373 io_uring02
> +cve-2020-36557 pty06
> cve-2021-3444 bpf_prog05
> cve-2021-3609 can_bcm01
> +cve-2021-3653 kvm_svm01
> +cve-2021-3656 kvm_svm02
> cve-2021-4034 execve06
> +cve-2021-4197_1 cgroup_core01
> +cve-2021-4197_2 cgroup_core02
> +cve-2021-4204 bpf_prog06
> cve-2021-22555 setsockopt08 -i 100
> cve-2021-26708 vsock01
> cve-2021-22600 setsockopt09
> +cve-2021-38198 kvm_pagefault01
> cve-2021-38604 mq_notify03
> cve-2022-0847 dirtypipe
> cve-2022-2590 dirtyc0w_shmem
> +cve-2022-23222 bpf_prog07
> # Tests below may cause kernel memory leak
> cve-2020-25704 perf_event_open03
> cve-2022-0185 fsconfig03
> --
> 2.31.1
>
The rest part looks good.
--
Regards,
Li Wang
More information about the ltp
mailing list