lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 7 Oct 2023 13:21:26 +0200
From:   Greg KH <gregkh@...uxfoundation.org>
To:     Harshit Mogalapalli <harshit.m.mogalapalli@...cle.com>
Cc:     stable@...r.kernel.org, joe@...ches.com, blamoreaux@...are.com,
        linux-kernel@...r.kernel.org, vegard.nossum@...cle.com
Subject: Re: [PATCH 4.14.y] drivers core: Use sysfs_emit and sysfs_emit_at
 for show(device *...) functions

On Fri, Sep 22, 2023 at 05:14:54AM -0700, Harshit Mogalapalli wrote:
> Signed-off-by: Joe Perches <joe@...ches.com>
> Link: https://lore.kernel.org/r/3d033c33056d88bbe34d4ddb62afd05ee166ab9a.1600285923.git.joe@perches.com
> Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
> [Harshit: backport to 4.14.y -- regenerated the diff with the help of
> coccinelle script in driver/base/ directory.]
> Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@...cle.com>
> ---
> Only compile tested. This fixes CVE-2022-20166.
> It is not clear whether the CVE was assigned for a demonstrated issue
> or just a theoretical one. In any case it's a good defensive measure
> against future patches that may introduce a real issue if they assume
> this patch is already there.

This is not needed in this kernel tree, so why are you attempting to add
it?

And if you have questions about a CVE, as the entity that gave the cve
out, they are responsible for it, not us!

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ