> Ok, but what does that mean for us? > > You need to say why you are sending a patch, otherwise we will guess wrong.
In drivers/gpu/drm/i915/i915_gem_execbuffer.c, ioctl functions does user_access_begin() without doing access_ok(Checks if a user space pointer is valid) first. A local attacker can craft a malicious ioctl function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation (CVE-2018-20669) This patch makes sure that user_access_begin always does access_ok. user_access_begin has been modified to do access_ok internally. Thanks, Ashwin _______________________________________________ dri-devel mailing list dri-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/dri-devel
