On 11/27/2017 09:03 AM, Eric Biggers wrote:
> Commit cb0631fd3cf9 ("x86/mm: fix use-after-free of vma during userfaultfd
> fault") went into mainline without Cc: stable. It appears to be a
It was a mainline 4.14-rcX regression fix so I didn't CC stable. I
didn't notice that the commit a3c4fb7c9c2ebfd50b8c60f6c069932bb319bc37
that it Fixes did have CC: stable, so I guess my fix should have CC:
stable too. Probably the stable scripts should have picked that anyway,
except I also screwed copy/paste on the Fixes tag, omitting the first
characted of SHA :( (Fixes: 3c4fb7c9c2e ("x86/mm: ...."))
Thanks for noticing!
> use-after-free reachable by unprivileged users -- at least with
> CONFIG_USERFAULTFD=y. Can it please be applied to 4.9-stable?
>
> Eric
>