StackRot (CVE-2023-3269) - which kernel to run?

Message

jmbreuer · Post by **jmbreuer** » Fri Jul 07, 2023 7:38 am

I've become aware of the StackRot vulnerability https://github.com/lrh2000/StackRot in recent Linux kernels.

Current stable (on amd64) is gentoo-sources-6.1.31, which I very much presume does not contain a fix for CVE-2023-3269.

Is there an effort already underway to have a sufficiently newer kernel stabilized imminently? Where would I find information about such gentoo security efforts?

The GLSAs https://security.gentoo.org/glsa/ currently seem to end in May 2023...

Goverp · Post by **Goverp** » Fri Jul 07, 2023 7:56 am

I'm not sure I'd panic yet. As the article says:

... Consequently, exploiting this vulnerability is considered challenging.
To the best of my knowledge, there are currently no publicly available exploits targeting use-after-free-by-RCU (UAFBR) bugs. ...

And if you are desperate, you simply use a pre 6.1 kernel, such as 5.15.120, the current most recent long-term stable, available in both gentoo-sources and gentoo-kernel{,-bin}

Post by **pietinger** » Fri Jul 07, 2023 9:01 am

I am sure our recent gentoo-sources 6.1.38 will become stable very soon. If you cant wait you might install gentoo-sources according Option 3 (as I always do; I am already on 6.1.37):
https://wiki.gentoo.org/wiki/User:Pieti ... LTS_series

jmbreuer · Post by **jmbreuer** » Fri Jul 07, 2023 2:37 pm

Thank you for the suggestions!

I'll pick a suitable kernel from 5.15.<recent> or 6.1.38~amd64 for now.

Post by **pietinger** » Sat Jul 08, 2023 10:55 am

6.1.38 is stable now !