Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756248AbdIHQ6A (ORCPT ); Fri, 8 Sep 2017 12:58:00 -0400 Received: from mx2.suse.de ([195.135.220.15]:38895 "EHLO mx1.suse.de" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1754929AbdIHQ56 (ORCPT ); Fri, 8 Sep 2017 12:57:58 -0400 Date: Fri, 08 Sep 2017 18:57:57 +0200 Message-ID: From: Takashi Iwai To: grygorii tertychnyi Cc: gregkh@linuxfoundation.org, xe-linux-external@cisco.com, linux-kernel@vger.kernel.org, alsa-devel@alsa-project.org Subject: Re: [PATCH] ALSA: msnd: Optimize / harden DSP and MIDI loops In-Reply-To: <20170908160626.24771-1-gtertych@cisco.com> References: <20170908160626.24771-1-gtertych@cisco.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI/1.14.6 (Maruoka) FLIM/1.14.9 (=?UTF-8?B?R29qxY0=?=) APEL/10.8 Emacs/25.2 (x86_64-suse-linux-gnu) MULE/6.0 (HANACHIRUSATO) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 742 Lines: 29 On Fri, 08 Sep 2017 18:06:25 +0200, grygorii tertychnyi wrote: > > Hi Greg, > > Could you please apply it for 4.4-stable. > This fixes https://nvd.nist.gov/vuln/detail/CVE-2017-9985 This vulnerability is just non-issue. You can't get it working practically; it requires a modified hardware of the decade old ISA sound card, and yet the system has to load / set up the module beforehand. We should withdraw it from CVE, IMO. thanks, Takashi > > Takashi Iwai (1): > ALSA: msnd: Optimize / harden DSP and MIDI loops > > sound/isa/msnd/msnd_midi.c | 30 +++++++++++++++--------------- > sound/isa/msnd/msnd_pinnacle.c | 23 ++++++++++++----------- > 2 files changed, 27 insertions(+), 26 deletions(-) > > -- > 2.10.3.dirty >