* Thomas Preudhomme: > Yes absolutely, CSE needs to be avoided. I made memory access volatile > because the change was easier to do. Also on Arm Thumb-1 computing the > guard's address itself takes several loads so had to modify some more > patterns. Anyway, regardless of the proper fix, do you have any objection > to raising a CVE for that issue?
Please file a bug in Bugzilla first and use that in the submission to MITRE.