>> Hi Greg, >> >> Could you please apply it for 4.4-stable. >> This fixes https://nvd.nist.gov/vuln/detail/CVE-2017-9985 > > This vulnerability is just non-issue. You can't get it working > practically; it requires a modified hardware of the decade old ISA > sound card, and yet the system has to load / set up the module > beforehand. We should withdraw it from CVE, IMO. I think it is worth having it in 4.4, 4.9 and 4.12 also. >> >> Takashi Iwai (1): >> ALSA: msnd: Optimize / harden DSP and MIDI loops >> >> sound/isa/msnd/msnd_midi.c | 30 +++++++++++++++--------------- >> sound/isa/msnd/msnd_pinnacle.c | 23 ++++++++++++----------- >> 2 files changed, 27 insertions(+), 26 deletions(-) >> _______________________________________________ Alsa-devel mailing list Alsa-devel@xxxxxxxxxxxxxxxx http://mailman.alsa-project.org/mailman/listinfo/alsa-devel
