Re: CVE request: kernel: a collection of world-writable debugfs bugs

[Eugene Teo <eugene () redhat com>]

On 04/16/2011 03:51 AM, akuster wrote:
> Does affected code have to be in the main K.O repo or can it be in any
> of the other git kernel repos to get a CVE #?
>
> We have least one product possible affected in
> arch/arm/mach-omap2/debobs.c but this file does not exist in K.O, maybe
> somewhere else (our paper trail on this is coming up cold so I don't
> know where is came from).

The affected code need not be in the mainline kernel. You may request a 
name even if it only affects the version of kernel as shipped by mvista.

Thanks, Eugene
--
main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }