Re: [PATCH RFC 6.6.y 00/15] Some missing CVE fixes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: [PATCH RFC 6.6.y 00/15] Some missing CVE fixes
From: Jens Axboe <axboe@xxxxxxxxx>
Date: Wed, 2 Oct 2024 09:26:46 -0600
Cc: stable@xxxxxxxxxxxxxxx, pavel@xxxxxxx, cengiz.can@xxxxxxxxxxxxx, mheyne@xxxxxxxxx, mngyadam@xxxxxxxxxx, kuntal.nayak@xxxxxxxxxxxx, ajay.kaher@xxxxxxxxxxxx, zsm@xxxxxxxxxxxx, dan.carpenter@xxxxxxxxxx, shivani.agarwal@xxxxxxxxxxxx, ahalaney@xxxxxxxxxx, alsi@xxxxxxxxxxxxxxx, ardb@xxxxxxxxxx, benjamin.gaignard@xxxxxxxxxxxxx, bli@xxxxxxxxxxxxxxx, chengzhihao1@xxxxxxxxxx, christophe.jaillet@xxxxxxxxxx, ebiggers@xxxxxxxxxx, edumazet@xxxxxxxxxx, fancer.lancer@xxxxxxxxx, florian.fainelli@xxxxxxxxxxxx, harshit.m.mogalapalli@xxxxxxxxxx, hdegoede@xxxxxxxxxx, horms@xxxxxxxxxx, hverkuil-cisco@xxxxxxxxx, ilpo.jarvinen@xxxxxxxxxxxxxxx, jgg@xxxxxxxxxx, kevin.tian@xxxxxxxxx, kirill.shutemov@xxxxxxxxxxxxxxx, kuba@xxxxxxxxxx, luiz.von.dentz@xxxxxxxxx, md.iqbal.hossain@xxxxxxxxx, mpearson-lenovo@xxxxxxxxx, nicolinc@xxxxxxxxxx, pablo@xxxxxxxxxxxxx, rfoss@xxxxxxxxxx, richard@xxxxxx, tfiga@xxxxxxxxxxxx, vladimir.oltean@xxxxxxx, xiaolei.wang@xxxxxxxxxxxxx, yanjun.zhu@xxxxxxxxx, yi.zhang@xxxxxxxxxx, yu.c.chen@xxxxxxxxx, yukuai3@xxxxxxxxxx
In-reply-to: <20241002150606.11385-1-vegard.nossum@oracle.com>
User-agent: Mozilla Thunderbird

On 10/2/24 9:05 AM, Vegard Nossum wrote:
> Christophe JAILLET (1):
>   null_blk: Remove usage of the deprecated ida_simple_xx() API
> 
> Yu Kuai (1):
>   null_blk: fix null-ptr-dereference while configuring 'power' and
>     'submit_queues'

I don't see how either of these are CVEs? Obviously not a problem to
backport either of them to stable, but I wonder what the reasoning for
that is. IOW, feels like those CVEs are bogus, which I guess is hardly
surprising :-)

-- 
Jens Axboe

Follow-Ups:
- Re: [PATCH RFC 6.6.y 00/15] Some missing CVE fixes
  - From: Pavel Machek
- Re: [PATCH RFC 6.6.y 00/15] Some missing CVE fixes
  - From: Dan Carpenter
- Re: [PATCH RFC 6.6.y 00/15] Some missing CVE fixes
  - From: Vegard Nossum

References:
- [PATCH RFC 6.6.y 00/15] Some missing CVE fixes
  - From: Vegard Nossum

Prev by Date: [PATCH RFC 6.6.y 11/15] efi/unaccepted: touch soft lockup during memory accept
Next by Date: Re: [PATCH 5.15,6.1 0/3] Fix block integrity violation of kobject rules
Previous by thread: [PATCH RFC 6.6.y 13/15] null_blk: Remove usage of the deprecated ida_simple_xx() API
Next by thread: Re: [PATCH RFC 6.6.y 00/15] Some missing CVE fixes
Index(es):
- Date
- Thread

[Index of Archives] [Linux Kernel] [Kernel Development Newbies] [Linux USB Devel] [Video for Linux] [Linux Audio Users] [Yosemite Hiking] [Linux Kernel] [Linux SCSI]