Date: Wed, 1 Apr 2015 10:28:27 -0700 From: Roland Dreier <roland@...estorage.com> To: Shachar Raindel <raindel@...lanox.com> Cc: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com>, "<linux-rdma@...r.kernel.org> (linux-rdma@...r.kernel.org)" <linux-rdma@...r.kernel.org>, "stable@...r.kernel.org" <stable@...r.kernel.org> Subject: Re: CVE-2014-8159 kernel: infiniband: uverbs: unprotected physical memory access On Wed, Mar 18, 2015 at 10:39 AM, Shachar Raindel <raindel@...lanox.com> wrote: > Date: Sun, 04 Jan 2015 18:30:32 +0200 > Subject: [PATCH] IB/core: Prevent integer overflow in ib_umem_get address arithmetic Just so we're clear, this bug has been known since January 4, and it's getting sent upstream now? I assume we want it in 4.0 and -stable?
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ