On Fri, Sep 22, 2023 at 05:14:54AM -0700, Harshit Mogalapalli wrote:
Signed-off-by: Joe Perches <joe@xxxxxxxxxxx>
Link: https://lore.kernel.org/r/3d033c33056d88bbe34d4ddb62afd05ee166ab9a.1600285923.git.joe@xxxxxxxxxxx
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
[Harshit: backport to 4.14.y -- regenerated the diff with the help of
coccinelle script in driver/base/ directory.]
Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@xxxxxxxxxx>
---
Only compile tested. This fixes CVE-2022-20166.
It is not clear whether the CVE was assigned for a demonstrated issue
or just a theoretical one. In any case it's a good defensive measure
against future patches that may introduce a real issue if they assume
this patch is already there.
This is not needed in this kernel tree, so why are you attempting to add
it?
And if you have questions about a CVE, as the entity that gave the cve
out, they are responsible for it, not us!