Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751292AbdILHRl (ORCPT ); Tue, 12 Sep 2017 03:17:41 -0400 Received: from mx2.suse.de ([195.135.220.15]:51995 "EHLO mx1.suse.de" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1750987AbdILHRk (ORCPT ); Tue, 12 Sep 2017 03:17:40 -0400 Date: Tue, 12 Sep 2017 09:17:38 +0200 Message-ID: From: Takashi Iwai To: "Grygorii Tertychnyi (gtertych)" Cc: "gregkh@linuxfoundation.org" , "alsa-devel@alsa-project.org" , "linux-kernel@vger.kernel.org" , "xe-linux-external(mailer list)" Subject: Re: [alsa-devel] [PATCH] ALSA: msnd: Optimize / harden DSP and MIDI loops In-Reply-To: <1504892910570.67608@cisco.com> References: <20170908160626.24771-1-gtertych@cisco.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI/1.14.6 (Maruoka) FLIM/1.14.9 (=?UTF-8?B?R29qxY0=?=) APEL/10.8 Emacs/25.2 (x86_64-suse-linux-gnu) MULE/6.0 (HANACHIRUSATO) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 718 Lines: 22 On Fri, 08 Sep 2017 19:47:32 +0200, Grygorii Tertychnyi (gtertych) wrote: > > > >> Hi Greg, > >> > >> Could you please apply it for 4.4-stable. > >> This fixes https://nvd.nist.gov/vuln/detail/CVE-2017-9985 > > > > This vulnerability is just non-issue. You can't get it working > > practically; it requires a modified hardware of the decade old ISA > > sound card, and yet the system has to load / set up the module > > beforehand. We should withdraw it from CVE, IMO. > > I think it is worth having it in 4.4, 4.9 and 4.12 also. ... even though the code has never been tested on the real hardware? That doesn't sound good for stable kernels at all. That's why I didn't put Cc to stable in the patch. Takashi