On Thu, Jan 14, 2021 at 05:55:13PM -0800, Saied Kazemi wrote:
Hi Greg, To fix CVE-2020-29372 in COS kernel versions 4.19 and 5.4, we cherry-picked the commit "mm: check that mm is still valid in madvise()" (bc0c4d1e176e) that Jens introduced in kernel version 5.7.0 into our kernel sources. The commit is small and the cherry-pick was successful for both COS kernels versions. Because COS 4.19 and 5.4 kernels track 4.19.y and 5.4.y respectively, can you please cherry-pick the commit to those stable branches?
5.4 didn't support IORING_OP_MADVISE and 4.19 didn't have io_uring to begin with, how is this an issue on those branches? -- Thanks, Sasha
