Re: [stable] [PATCH] vmsplice exploit fix (was: splice: fix userpointer access in get_iovec_page_array)

[Greg KH]

On Sun, Feb 10, 2008 at 11:29:50PM -0800, Daniel Phillips wrote:
> Kudos to all involved in the rapid response.  But.
> 
> Information on patching this vulnerability is not available front and 
> center in many of the places you would expect: kernel.org front page, 
> debian.org front page, covered on planet.debian.org but without a 
> pointer to the patch, and so on.  So this post provides a subject line 
> for Google to find, and for good measure mentions the word 
> vulnerability.

All currently active Linux kernel versions are now released with a fix
for this problem.  We have released them through our normal channels,
with the needed information as to what the problem is, a pointer to the
CVE number, and the patch itself.

I don't think there's much more we need to do here, do you?

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/