Fixes CVE-2018-20669 Backported from v5.0-rc1 Patch 1/1
Also, that cve was "supposed" to already be fixed in the 4.19.13 kernel release for some reason, and it's a drm issue, not a core access_ok() issue.
So why is this needed for 4.14?
See https://access.redhat.com/security/cve/cve-2018-20669 Looks like Linus' fix was attacking this at the root cause, not only for DRM.
Also, i use https://www.linuxkernelcves.com/ as a research source, and they claim that CVE not fixed in 4.19. (and i'll check for the other LTS kernels as well)
Signed-off-by: Linus Torvalds torvalds@linux-foundation.org
No s-o-by from you?
Ops. Will add this in a resend.
Want to give this work back to the community, as 4.14 is a SLTS.
What is "SLTS"?
Super Long Term Supported kernel - thanks to guys like you :-) 4.14 really is that (Jan. 2024, as of https://www.kernel.org/category/releases.html)
thanks,
greg k-h
Thanks, and i have some other patches backported to 4.14 as CVE fixes, which i'll propose in the next hours.
BR Carsten ----------------- Mentor Graphics (Deutschland) GmbH, Arnulfstraße 201, 80634 München / Germany Registergericht München HRB 106955, Geschäftsführer: Thomas Heurung, Alexander Walter