From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Pavel Machek <pavel@denx.de>
Cc: Jens Axboe <axboe@kernel.dk>,
Vegard Nossum <vegard.nossum@oracle.com>,
stable@vger.kernel.org, cengiz.can@canonical.com,
mheyne@amazon.de, mngyadam@amazon.com, kuntal.nayak@broadcom.com,
ajay.kaher@broadcom.com, zsm@chromium.org,
dan.carpenter@linaro.org, shivani.agarwal@broadcom.com,
ahalaney@redhat.com, alsi@bang-olufsen.dk, ardb@kernel.org,
benjamin.gaignard@collabora.com, bli@bang-olufsen.dk,
chengzhihao1@huawei.com, christophe.jaillet@wanadoo.fr,
ebiggers@kernel.org, edumazet@google.com,
fancer.lancer@gmail.com, florian.fainelli@broadcom.com,
harshit.m.mogalapalli@oracle.com, hdegoede@redhat.com,
horms@kernel.org, hverkuil-cisco@xs4all.nl,
ilpo.jarvinen@linux.intel.com, jgg@nvidia.com,
kevin.tian@intel.com, kirill.shutemov@linux.intel.com,
kuba@kernel.org, luiz.von.dentz@intel.com,
md.iqbal.hossain@intel.com, mpearson-lenovo@squebb.ca,
nicolinc@nvidia.com, pablo@netfilter.org, rfoss@kernel.org,
richard@nod.at, tfiga@chromium.org, vladimir.oltean@nxp.com,
xiaolei.wang@windriver.com, yanjun.zhu@linux.dev,
yi.zhang@redhat.com, yu.c.chen@intel.com, yukuai3@huawei.com
Subject: Re: [PATCH RFC 6.6.y 00/15] Some missing CVE fixes
Date: Tue, 8 Oct 2024 13:24:05 +0200 [thread overview]
Message-ID: <2024100820-endnote-seldom-127c@gregkh> (raw)
In-Reply-To: <ZwUUjKD7peMgODGB@duo.ucw.cz>
On Tue, Oct 08, 2024 at 01:16:28PM +0200, Pavel Machek wrote:
> On Wed 2024-10-02 09:26:46, Jens Axboe wrote:
> > On 10/2/24 9:05 AM, Vegard Nossum wrote:
> > > Christophe JAILLET (1):
> > > null_blk: Remove usage of the deprecated ida_simple_xx() API
> > >
> > > Yu Kuai (1):
> > > null_blk: fix null-ptr-dereference while configuring 'power' and
> > > 'submit_queues'
> >
> > I don't see how either of these are CVEs? Obviously not a problem to
> > backport either of them to stable, but I wonder what the reasoning for
> > that is. IOW, feels like those CVEs are bogus, which I guess is hardly
> > surprising :-)
>
> "CVE" has become meaningless for kernel. Greg simply assigns CVE to
> anything that remotely resembles a bug.
Stop spreading nonsense. We are following the cve.org rules with
regards to assigning vulnerabilities to their definition.
And yes, many bugs at this level (turns out about 25% of all stable
commits) match that definition, which is fine. If you have a problem
with this, please take it up with cve.org and their rules, but don't go
making stuff up please.
greg k-h
next prev parent reply other threads:[~2024-10-08 11:24 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-02 15:05 [PATCH RFC 6.6.y 00/15] Some missing CVE fixes Vegard Nossum
2024-10-02 15:05 ` [PATCH RFC 6.6.y 01/15] ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path Vegard Nossum
2024-10-02 16:26 ` Dan Carpenter
2024-10-02 16:29 ` Dan Carpenter
2024-10-05 0:45 ` Sasha Levin
2024-10-02 15:05 ` [PATCH RFC 6.6.y 02/15] media: usbtv: Remove useless locks in usbtv_video_free() Vegard Nossum
2024-10-02 15:05 ` [PATCH RFC 6.6.y 03/15] Bluetooth: hci_sock: Fix not validating setsockopt user input Vegard Nossum
2024-10-02 15:05 ` [PATCH RFC 6.6.y 04/15] Bluetooth: ISO: " Vegard Nossum
2024-10-02 15:05 ` [PATCH RFC 6.6.y 05/15] Bluetooth: L2CAP: " Vegard Nossum
2024-10-02 15:05 ` [PATCH RFC 6.6.y 06/15] netfilter: nf_tables: fix memleak in map from abort path Vegard Nossum
2024-10-02 15:05 ` [PATCH RFC 6.6.y 07/15] netfilter: nf_tables: restore set elements when delete set fails Vegard Nossum
2024-10-02 15:05 ` [PATCH RFC 6.6.y 08/15] net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events Vegard Nossum
2024-10-02 15:06 ` [PATCH RFC 6.6.y 09/15] iommufd: Fix protection fault in iommufd_test_syz_conv_iova Vegard Nossum
2024-10-02 15:16 ` Jason Gunthorpe
2024-10-02 15:06 ` [PATCH RFC 6.6.y 10/15] drm/bridge: adv7511: fix crash on irq during probe Vegard Nossum
2024-10-02 15:12 ` [PATCH RFC 6.6.y 11/15] efi/unaccepted: touch soft lockup during memory accept Vegard Nossum
2024-10-02 15:12 ` [PATCH RFC 6.6.y 12/15] platform/x86: think-lmi: Fix password opcode ordering for workstations Vegard Nossum
2024-10-04 1:00 ` Mark Pearson
2024-10-02 15:12 ` [PATCH RFC 6.6.y 13/15] null_blk: Remove usage of the deprecated ida_simple_xx() API Vegard Nossum
2024-10-02 15:12 ` [PATCH RFC 6.6.y 14/15] null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' Vegard Nossum
2024-10-02 15:12 ` [PATCH RFC 6.6.y 15/15] net: stmmac: move the EST lock to struct stmmac_priv Vegard Nossum
2024-10-02 15:26 ` [PATCH RFC 6.6.y 00/15] Some missing CVE fixes Jens Axboe
2024-10-02 15:46 ` Vegard Nossum
2024-10-02 15:49 ` Jens Axboe
2024-10-08 11:19 ` Pavel Machek
2024-10-08 11:24 ` Greg Kroah-Hartman
2024-10-08 11:40 ` Pavel Machek
2024-10-08 11:51 ` Greg Kroah-Hartman
2024-10-02 15:50 ` Dan Carpenter
2024-10-02 15:54 ` Jens Axboe
2024-10-08 11:16 ` Pavel Machek
2024-10-08 11:24 ` Greg Kroah-Hartman [this message]
2024-10-08 11:35 ` Pavel Machek
2024-10-08 11:44 ` Greg Kroah-Hartman
2024-10-08 11:56 ` Christian Heusel
2024-10-08 12:33 ` Pavel Machek
2024-10-08 13:02 ` Greg Kroah-Hartman
2024-10-02 19:43 ` Pablo Neira Ayuso
2024-10-08 10:32 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2024100820-endnote-seldom-127c@gregkh \
--to=gregkh@linuxfoundation.org \
--cc=ahalaney@redhat.com \
--cc=ajay.kaher@broadcom.com \
--cc=alsi@bang-olufsen.dk \
--cc=ardb@kernel.org \
--cc=axboe@kernel.dk \
--cc=benjamin.gaignard@collabora.com \
--cc=bli@bang-olufsen.dk \
--cc=cengiz.can@canonical.com \
--cc=chengzhihao1@huawei.com \
--cc=christophe.jaillet@wanadoo.fr \
--cc=dan.carpenter@linaro.org \
--cc=ebiggers@kernel.org \
--cc=edumazet@google.com \
--cc=fancer.lancer@gmail.com \
--cc=florian.fainelli@broadcom.com \
--cc=harshit.m.mogalapalli@oracle.com \
--cc=hdegoede@redhat.com \
--cc=horms@kernel.org \
--cc=hverkuil-cisco@xs4all.nl \
--cc=ilpo.jarvinen@linux.intel.com \
--cc=jgg@nvidia.com \
--cc=kevin.tian@intel.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=kuba@kernel.org \
--cc=kuntal.nayak@broadcom.com \
--cc=luiz.von.dentz@intel.com \
--cc=md.iqbal.hossain@intel.com \
--cc=mheyne@amazon.de \
--cc=mngyadam@amazon.com \
--cc=mpearson-lenovo@squebb.ca \
--cc=nicolinc@nvidia.com \
--cc=pablo@netfilter.org \
--cc=pavel@denx.de \
--cc=rfoss@kernel.org \
--cc=richard@nod.at \
--cc=shivani.agarwal@broadcom.com \
--cc=stable@vger.kernel.org \
--cc=tfiga@chromium.org \
--cc=vegard.nossum@oracle.com \
--cc=vladimir.oltean@nxp.com \
--cc=xiaolei.wang@windriver.com \
--cc=yanjun.zhu@linux.dev \
--cc=yi.zhang@redhat.com \
--cc=yu.c.chen@intel.com \
--cc=yukuai3@huawei.com \
--cc=zsm@chromium.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).