[kernel-sec-discuss] r4659 - active
Ben Hutchings
benh at moszumanska.debian.org
Mon Oct 17 18:18:25 UTC 2016
Author: benh
Date: 2016-10-17 18:18:25 +0000 (Mon, 17 Oct 2016)
New Revision: 4659
Modified:
active/CVE-2015-8952
Log:
Triage CVE-2015-8952 further
Modified: active/CVE-2015-8952
===================================================================
--- active/CVE-2015-8952 2016-10-17 17:49:02 UTC (rev 4658)
+++ active/CVE-2015-8952 2016-10-17 18:18:25 UTC (rev 4659)
@@ -7,11 +7,15 @@
bwh> The upstream fix (rewrite of mbcache) is too intrusive to backport.
bwh> We could try to mitigate this with cond_resched() as suggested in
bwh> comment 1 on the bz.k.o bug report and/or add the no_mbcache mount
- bwh> option as in comment 6.
+ bwh> option as in comment 12. However a new mount option is an uAPI
+ bwh> extension that we would have to support indefinitely even though
+ bwh> it's redundant in new kernel versions.
+ bwh> The problem seems to have been introduced (or exacerbated) by commit
+ bwh> 1f3e55fe02d1 in 3.15, which added a retry loop in mb_cache_entry_alloc().
Bugs:
upstream: released (4.6-rc1) [f9a61eb4e2471c56a63cd804c7474128138c38ac, 82939d7999dfc1f1998c4b1c12e2f19edbdff272, be0726d33cb8f411945884664924bed3cb8c70ee]
3.16-upstream-stable: ignored "Too intrusive to backport"
-3.2-upstream-stable: ignored "Too intrusive to backport"
+3.2-upstream-stable: ignored "Too intrusive to backport, and seems to be minor issue"
sid: released (4.6.1-1)
3.16-jessie-security: needed
-3.2-wheezy-security: needed
+3.2-wheezy-security: ignored "Too intrusive to backport, and seems to be minor issue"
More information about the kernel-sec-discuss
mailing list