Bug#464945: linux-image-2.6.18-6-686: Exploit for vmsplice work for linux-image-2.18-5-686 (CVE-2008-0009/10)

[Bastian Blank <waldi@debian.org>]

On Tue, Feb 12, 2008 at 07:01:58PM +0100, Florian Weimer wrote:
> For the record, the above hunk is unnecessary because the get_user()
> calls which immediately follow the quoted code perform implict
> access_ok() checks.  CVE-2008-0010 does NOT apply to our 2.6.18 kernel
> (but the additional access_ok() call doesn't cause any harm, either).

Looks like I missread a comment. I rechecked it and it does the check.

Bastian

-- 
No problem is insoluble.
		-- Dr. Janet Wallace, "The Deadly Years", stardate 3479.4