| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2024112839-headlock-timothy-4ff7@gregkh> Date: Thu, 28 Nov 2024 17:52:49 +0100 From: Greg KH <gregkh@...uxfoundation.org> To: Al Viro <viro@...iv.linux.org.uk> Cc: Nanyong Sun <sunnanyong@...wei.com>, cve@...nel.org, linux-cve-announce@...r.kernel.org, linux-kernel@...r.kernel.org, aha310510@...il.com, Hugh Dickins <hughd@...gle.com> Subject: Re: CVE-2024-50228: mm: shmem: fix data-race in shmem_getattr() On Mon, Nov 25, 2024 at 09:29:46PM +0000, Al Viro wrote: > On Mon, Nov 25, 2024 at 10:16:37PM +0100, Greg KH wrote: > > On Mon, Nov 25, 2024 at 03:49:44PM +0800, Nanyong Sun wrote: > > > Hi Greg, > > > Will this CVE be rejected in the future? This patch has introduced a > > > problem and has been reverted: > > > https://lore.kernel.org/all/20241116233053.F1FBAC4CEC3@smtp.kernel.org/T/ > > > > > > > What is the git commit id of this change? Is it in Linus's tree yet? > > And did the original syzbot splat get fixed some other way? > > Revert in mainline is d1aa0c04294e29883d65eac6c2f72fe95cc7c049; patch > had really been pointless and we'd better watch out for its analogues > being introduced. > > IMO "fixes a data-race" in patch description has become a serious red flag > for review by now. Some of them are valid, some are pointless and occasionally > actively harmful. > Fair enough, now rejected, thanks for the review! greg k-h
Powered by blists - more mailing lists