Re: CVE-2020-10742 -- nfs client weirdness with max_rqst_size

Chen-Yu Tsai <wens@...>


On Wed, Jun 3, 2020 at 11:28 PM Pavel Machek <pavel@...> wrote:


I did a bit of research on CVE-2020-10742.

Unfortunately, RedHat is a bad player here, and bug reports are partly
hidden from public.

The bug does not seem especially bad (it looks like it needs specific
configuration to trigger), and Salvatore Bonaccorso was not able to
trigger it in 4.19.118.

Original report is for 3.10 kernels, so that makes some sense.
SUSE reports it was introduced in v3.5 and fixed in v3.16.

See .


I don't believe we need to do anything here.

Best regards,

(cesky, pictures)

Join to automatically receive all group messages.