On Tue, Sep 24, 2024 at 03:35:33PM +0800, Yu Kuai wrote:
Hi, all!
This is a request to close this CVE.
First of all, I think this really is not a kernel BUG, the deadloop
only exist in user side and user must rename between each readdir
syscall:
while (readdr() > 0)
rename()
Sounds like a real thing that users can do, so why does this not fit the
definition of "vulnerability" as documented by cve.org?
On the other hand, v6.6 is affected by this CVE, and this fix can't
be backported to v6.6 because the patchset [1] must be backported first
to expand offset from 32-bit to 64-bit.(This kind of refactor will
break kabi, hence it's not acceptable in our downstream kernels)
That's your business decision, and does not affect if we do, or do not,
assign a CVE at all. Go work with your management if you wish to change
this as it does not pertain to the community in any way.
thanks,
greg k-h
.