3 Dec
2024
3 Dec
'24
8:34 a.m.
On 12/3/2024 4:23 PM, Greg KH wrote:
CAUTION: This email comes from a non Wind River email account! Do not click links or open attachments unless you recognize the sender and know the content is safe.
On Tue, Dec 03, 2024 at 02:52:13PM +0800, bin.lan.cn@eng.windriver.com wrote:
From: Jia Jie Ho jiajie.ho@starfivetech.com
[ Upstream commit d7f01649f4eaf1878472d3d3f480ae1e50d98f6c ]
RSA text data uses variable length buffer allocated in software stack. Calling kfree on it causes undefined behaviour in subsequent operations.
Cc: stable@vger.kernel.org #6.7+
The cc: says 6.7 and newer, and yet you are wanting this for 6.6.y? Why? Why ignore what the author asked for?
thanks,
greg k-h
I want to backport it to fix CVE-2024-39478.
Bin Lan