Quoting Mahesh Bandewar (महेश बंडेवार) (maheshb@xxxxxxxxxx): > Of course. Let's take an example of the CVE that I have mentioned in > my cover-letter - > CVE-2017-7308(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7308). > It's well documented and even has a > exploit(https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-7308) > c-program that can demonstrate how it can be used against non-patched > kernel. There is very nice blog > post(https://googleprojectzero.blogspot.kr/2017/05/exploiting-linux-kernel-via-packet.html) > about this vulnerability by Andrey Konovalov. Ok, thanks. It's a good example because the fix for this CVE actually came by itself (http://kernel.ubuntu.com/git/ubuntu/ubuntu-xenial.git/tree/debian.master/changelog). Normally multiple CVEs come at the same time, which would make a workaround for one now helpful. This is a good counter-example. I'm going to maintain that I really don't like this. But it looks useful, so ack on the concept, I'll just have to look again at the code now. Thanks for indulging me. -serge -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
