From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754649AbcHWQk4 (ORCPT ); Tue, 23 Aug 2016 12:40:56 -0400 Received: from shards.monkeyblade.net ([184.105.139.130]:52466 "EHLO shards.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754596AbcHWQky (ORCPT ); Tue, 23 Aug 2016 12:40:54 -0400 Date: Tue, 23 Aug 2016 09:40:29 -0700 (PDT) Message-Id: <20160823.094029.1244944495918162255.davem@davemloft.net> To: luis.henriques@canonical.com Cc: avijitnsec@codeaurora.org, ben@decadent.org.uk, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: CVE-2014-9900 fix is not upstream From: David Miller In-Reply-To: <1471959668-18209-1-git-send-email-luis.henriques@canonical.com> References: <1471959668-18209-1-git-send-email-luis.henriques@canonical.com> X-Mailer: Mew version 6.7 on Emacs 24.5 / Mule 6.0 (HANACHIRUSATO) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.12 (shards.monkeyblade.net [149.20.54.216]); Tue, 23 Aug 2016 09:40:31 -0700 (PDT) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Luis Henriques Date: Tue, 23 Aug 2016 14:41:07 +0100 > Digging through some old CVEs I came across this one that doesn't seem be > in mainline. Was there a good reason for not being sent upstream? Maybe it was > rejected for some reason and I failed to find the discussion. Because the patch is completely bogus, and thus so is the CVE. The variable initializer clears out the entire structure. Until you can show compiler output from gcc that shows it not initializing the structure I will not apply this patch because I know that it faithfully does.