On Tue, Feb 12, 2008 at 06:48:42PM +0100, Florian Weimer wrote: > * Greg KH: > > > the logic is a little different in 2.6.22 and earlier in regards to this > > area of code. This way we are safer. > > Your patch doesn't include the CVE-2006-0010 hunk. Is this because > get_user() implies an access_ok() check (while __copy_from_user() > obviously does not)?
Yes, that is exactly why. CVE-2006-0010 and -0009 are not applicable to kernels prior to 2.6.23. thanks, greg k-h -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
