Brad Spengler
@spendergrsec
President of @opensrcsec, developer of @grsecurity. Personal account.
Joined June 2011
Submissions have closed for this one, as anyone can read the answer in today's patches :)
still has 132 more CVE fixes than the final 5.4 upstream release from this month (two years later). Food for thought!
Was just taking a look at our CVE system (which can generate all kinds of charts on demand, like who the worst reviewers are by counts of CVEs normalized by the number of reviews by the person), anyway, apparently our 5.4 kernel that we discontinued the beginning of 2024...
Paper does have some new stuff it seems actually that wasn't discussed in 2013, parent notify on devices that don't have o+r/o+w
Timeline: Jan 7 2013: Mail about attack; Jan 18 2013: Attack dead in grsec; December 18 2025: Patch lands upstream
Sounds like what was already known and ignored for the past 13+ years upstream that we addressed in grsec back then:
And for today's final 6.17 send-off, 3 known-broken backports with fixes already available Nov 25, Dec 10, and Oct 24.
https://t.co/5IJ0ccuqX2 "making this part of a script that I now run much more frequently to ensure that we do not miss any “fixups for the fixes” when doing stable kernel releases." Since we keep finding mistakes on every release, I guess we know who has the better tools 🤓
Think about how this commit would be interpreted in terms of naive fixes tag analysis for CVEs:
Was just working in this same file a few days ago for a different reason:
Fire up your AI engines nerds, can you spot the bug @_minipli found in a few minutes in this tested/reviewed code?
Besides that, it failed in exactly the spot people should know there was a potential for failure, and no that doesn't in any way make it C-equivalent. My useless 2c, I'm not a fanboy for anything, I only care about facts.
I would like to know more about the claims of it being 'just' a crash though and what that's based on. Specifically, how did it end up trying to access some bogus address above 48bit VA space but not in kernel space, and is there any possible control over it?
Getting messaged a lot about the Rust CVE - for the record, most of the takes I see are majorly overblowing it/wrong (in a "see, no better than C, told you so!" way), even people who should know better (fil-c author) claiming the presence of 'unsafe' makes the whole thing useless
the algorithm is so trash now, i RT a well written blogpost/article about multiple relevant Mediatek driver bugs to 15k followers and it accumulated two RTs...
It better stop soon, I don't know how much more I can take of seeing exploit after exploit of the Linux kernel using techniques that have been dead in grsecurity for ages. Page table this, freelist that, is a Q4 bonus for someone at Twitter really worth inflicting all this? 😭
A lot more that could have been covered in our mail, but it's a good sampling at least. We'll save some of the items to discuss in more detail next year, lots of exciting stuff in the works (even some things that will help non-customers)