Re: CVE-2014-9900 fix is not upstream

From: Ben Hutchings
Date: Tue Aug 23 2016 - 13:35:36 EST

Next message: Mike Marshall: "Re: [PATCH 4/7] fs: make remaining filesystems use .rename2"
Previous message: Catalin Marinas: "Re: [PATCH 1/1] arm64/hugetlb: clear PG_dcache_clean if the page is dirty when munmap"
In reply to: David Miller: "Re: CVE-2014-9900 fix is not upstream"
Next in thread: David Miller: "Re: CVE-2014-9900 fix is not upstream"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 2016-08-23 at 09:40 -0700, David Miller wrote:
> From: Luis Henriques <luis.henriques@xxxxxxxxxxxxx>
> Date: Tue, 23 Aug 2016 14:41:07 +0100
>
> > Digging through some old CVEs I came across this one that doesn't
> seem be
> > in mainline.Â Was there a good reason for not being sent upstream?Â
> Maybe it was
> > rejected for some reason and I failed to find the discussion.
>
> Because the patch is completely bogus, and thus so is the CVE.
>
> The variable initializer clears out the entire structure.
>
> Until you can show compiler output from gcc that shows it not
> initializing the structure I will not apply this patch because I know
> that it faithfully does.

On some versions and architectures. ÂCan you guarantee that you will
notice when an exception appears?

Ben.

--
Ben Hutchings
The program is absolutely right; therefore, the computer must be wrong.

Attachment: signature.asc
Description: This is a digitally signed message part

Next message: Mike Marshall: "Re: [PATCH 4/7] fs: make remaining filesystems use .rename2"
Previous message: Catalin Marinas: "Re: [PATCH 1/1] arm64/hugetlb: clear PG_dcache_clean if the page is dirty when munmap"
In reply to: David Miller: "Re: CVE-2014-9900 fix is not upstream"
Next in thread: David Miller: "Re: CVE-2014-9900 fix is not upstream"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]