Re: CVE request - kernel: untangle the do_mremap() mess

[Josh Bressers <bressers () redhat com>]

----- "Steven M. Christey" <coley () linus mitre org> wrote:
> On Wed, 20 Jan 2010, Eugene Teo wrote:
>
> > Anyway, Al summarised the mess here:
> > http://marc.info/?l=linux-arch&m=126004438008670&w=2
> >
> > And the pile of upstream commits were meant to address the problems
> > described AFAIK. It will probably make more sense to associate all
> > these related commits to just one CVE name.
>
> I defer to Josh on this, but in a series of patches that is referred to
> as "mremap/mmap mess" in some linux-kernel subject lines, for which a
> specialist like Eugene is not entirely certain about, in which some of
> the patches are assembly-level changes for individual architectures, and
> where few of the patch diffs make it clear what the underlying problem
> was - we could collectively spend a week of labor trying to figure
> everything out from a purist CVE perspective, or anchor on a single
> series of commits that are hopefully attached to a single kernel RC or
> minor version release.  I suspect the latter would be more helpful to the
> general CVE consumer community, so my recommendation is for a single CVE,
> assuming that all of these patches make it into a single kernel update.

Let's use CVE-2010-0291 for this one.

Thanks.

-- 
    JB