Re: [stable] [PATCH] vmsplice exploit fix (was: splice: fix user pointer access in get_iovec_page_array)

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: Daniel Phillips <phillips@...>

Cc: Pekka J Enberg <penberg@...>, <ndenev@...>, <bastian@...>, <linux-kernel@...>, <jens.axboe@...>, <akpm@...>, <oliver.pntr@...>, <torvalds@...>, <stable@...>

Subject: Re: [stable] [PATCH] vmsplice exploit fix (was: splice: fix user pointer access in get_iovec_page_array)

Date: Monday, February 11, 2008 - 3:53 am

On Sun, Feb 10, 2008 at 11:29:50PM -0800, Daniel Phillips wrote:
quoted text> Kudos to all involved in the rapid response.  But.
> 
> Information on patching this vulnerability is not available front and 
> center in many of the places you would expect: kernel.org front page, 
> debian.org front page, covered on planet.debian.org but without a 
> pointer to the patch, and so on.  So this post provides a subject line 
> for Google to find, and for good measure mentions the word 
> vulnerability.

All currently active Linux kernel versions are now released with a fix
for this problem.  We have released them through our normal channels,
with the needed information as to what the problem is, a pointer to the
CVE number, and the patch itself.

I don't think there's much more we need to do here, do you?

thanks,

greg k-h
--
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[PATCH] splice: fix user pointer access in get_iovec_page_ar..., Pekka J Enberg, (Sun Feb 10, 10:47 am)

[PATCH] vmsplice exploit fix (was: splice: fix user pointer ..., Daniel Phillips, (Mon Feb 11, 3:29 am)

Re: [PATCH] vmsplice exploit fix (was: splice: fix user poin..., Pekka Enberg, (Mon Feb 11, 3:49 am)

Re: [PATCH] vmsplice exploit fix (was: splice: fix user poin..., Daniel Phillips, (Mon Feb 11, 4:00 am)

Re: [stable] [PATCH] vmsplice exploit fix (was: splice: fix ..., Greg KH, (Mon Feb 11, 3:53 am)

Re: [stable] [PATCH] vmsplice exploit fix (was: splice: fix ..., Daniel Phillips, (Mon Feb 11, 4:05 am)

Re: [PATCH] splice: fix user pointer access in get_iovec_pag..., Willy Tarreau, (Sun Feb 10, 7:37 pm)

Re: [PATCH] splice: fix user pointer access in get_iovec_pag..., Oliver Pinter, (Mon Feb 11, 2:24 am)

Re: [PATCH] splice: fix user pointer access in get_iovec_pag..., Bastian Blank, (Sun Feb 10, 11:17 am)

Re: [PATCH] splice: fix user pointer access in get_iovec_pag..., Oliver Pinter, (Sun Feb 10, 11:31 am)


linux-kernel:
Mike Galbraith	Re: regression: CD burning (k3b) went broke
Andi Kleen	[PATCH] [3/22] x86_64: Kill temp boot pmds
Alan Cox	Re: [PATCH][RFC] 4K stacks default, not a debug thing any more...?
Greg Kroah-Hartman	[PATCH 004/196] Chinese: add translation of SubmittingPatches
git:

openbsd-misc:

linux-netdev:
David Miller	[GIT]: Networking
Jarek Poplawski	[PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
Gerrit Renker	[PATCH 05/37] dccp: Cleanup routines for feature negotiation
Brandeburg, Jesse	RE: [PATCH] e1000e: test MSI interrupts