Re: CVE requests: Three Linux kernel issues

[Eugene Teo <eugene () redhat com>]

> [3] http://permalink.gmane.org/gmane.linux.kernel/1124409 :
>
> | [PATCH] char: istallion: fix arbitrary kernel memory reads/writes
> |
> | stli_brdstats is defined as global variable.  After de-BKL-ization in
> | the patch b4eda9cb48eac1b7 an access to the variable is not serialized
> | anymore.  This leads to the TOCTOU in stli_getbrdstats():
[...]

de-BKL-ization patch b4eda9cb48eac1b7 happened in v2.6.36-rc1.

I don't think this qualifies a CVE as this is a staging driver (not 
supported, experimental, buggy, use at your own risk).

Thanks, Eugene
--
main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }