On Fri, 08 Sep 2017 18:06:25 +0200, grygorii tertychnyi wrote: > > Hi Greg, > > Could you please apply it for 4.4-stable. > This fixes https://nvd.nist.gov/vuln/detail/CVE-2017-9985 This vulnerability is just non-issue. You can't get it working practically; it requires a modified hardware of the decade old ISA sound card, and yet the system has to load / set up the module beforehand. We should withdraw it from CVE, IMO. thanks, Takashi > > Takashi Iwai (1): > ALSA: msnd: Optimize / harden DSP and MIDI loops > > sound/isa/msnd/msnd_midi.c | 30 +++++++++++++++--------------- > sound/isa/msnd/msnd_pinnacle.c | 23 ++++++++++++----------- > 2 files changed, 27 insertions(+), 26 deletions(-) > > -- > 2.10.3.dirty > _______________________________________________ Alsa-devel mailing list Alsa-devel@xxxxxxxxxxxxxxxx http://mailman.alsa-project.org/mailman/listinfo/alsa-devel
