[LTP] [PATCH v1] Add test case for CVE-2018-11508
Petr Vorel
petr.vorel@gmail.com
Sat Jun 20 11:24:27 CEST 2020
Hi Nirav,
thanks for your patch!
...
> + * This proves that there are 4 bytes of info leaked. The bug was fixed in
> + * Kernel Version 4.16.9. Therefore, the below test case will only be
> + * applicable for the kernel version 4.16.9 and above.
This is IMHO wrong. The fix 3a4d44b61625 fixes 3a4d44b61625 ("ntp: Move adjtimex
related compat syscalls to native counterparts"), which was released in
v4.13-rc1.
...
> +static struct tst_test test = {
> + .setup = setup,
> + .cleanup = cleanup,
> + .min_kver = "4.16.9",
Thus there should be .min_kver = "4.13",
And most of the tests doesn't have .min_kver anyway, it might be removed
entirely.
> + .test_all = verify_adjtimex,
> + .bufs = (struct tst_buffers []) {
> + {&buf, .size = sizeof(*buf)},
> + {&tim_save, .size = sizeof(*tim_save)},
> + {},
> + },
> + .tags = (const struct tst_tag[]) {
> + {"CVE", "2018-11508"},
> + {"linux-git", "3a4d44b61625"},
> + {},
> + }
> +};
Kind regards,
Petr
More information about the ltp
mailing list