Hello!

I read the article http://neil.brown.name/blog/20120615073245 , which explains a nasty bug about RAIDs, but I'm wondering if any of this code was backported to gentoo-sources or hardened-sources.

From the article:

"The bug was introduced by

commit c744a65c1e2d59acc54333ce8 md: don't set md arrays to readonly on shutdown.

and fixed by

commit 30b8aa9172dfeaac6d77897c67ee9f9fc574cdbb md: fix possible corruption of array metadata on shutdown.

These entered the upstream kernel for v3.4-rc1 and v3.4-rc5 respectively, so no main-line released kernel is vulnerable.

However the first patch was tagged "Cc: sta...@vger.kernel.org" as it fixed a bug, and so it was added to some stable releases.

For v3.3.y the bug was introduced by commit ed1b69c5592d1 in v3.3.1 and fixed by commit ff459d1ea87ea7 in v3.3.4, so v3.3.1, v3.3.2, and v3.3.3 are vulnerable.

For v3.2.y the bug was introduced by commit 6bd620a44f7fd in v3.2.14 and fixed by commit 31097a1c490c in v3.2.17 so v3.2.14, v3.2.15, v3.2.16 are all vulnerable.

The bug was not backported to any other kernel.org kernels, so only those 6 are vulnerable. Some distributors may have picked up the patch and applied it to their own kernel so it is possible that other kernels are vulnerable too."

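Added example, not part of the original message or the quoted article: one way to check a distribution kernel tree or patch set for the two md changes named above. It assumes that backports keep the upstream subject line (commit ids differ between branches, as the quoted v3.2.y and v3.3.y ids show); the function name `md_shutdown_bug_status` and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Commit subjects as quoted from the article above.
INTRO_SUBJECT="md: don't set md arrays to readonly on shutdown"
FIX_SUBJECT="md: fix possible corruption of array metadata on shutdown"

# Reads one commit subject (or patch "Subject:" header) per line on stdin.
# Assumption: a backport keeps the upstream subject text unchanged.
# Typical input sources:
#   git log --format=%s -- drivers/md/md.c
#   grep -h '^Subject:' /path/to/patchset/*.patch
# Prints one of: fixed | vulnerable | not-affected
md_shutdown_bug_status() {
    intro=0
    fix=0
    # "|| [ -n ... ]" also handles a last line with no trailing newline.
    while IFS= read -r subject || [ -n "$subject" ]; do
        case "$subject" in
            *"$INTRO_SUBJECT"*) intro=1 ;;
            *"$FIX_SUBJECT"*)   fix=1 ;;
        esac
    done
    if [ "$fix" -eq 1 ]; then
        echo fixed            # the fix is present, with or without the first patch
    elif [ "$intro" -eq 1 ]; then
        echo vulnerable       # first patch applied, fix missing
    else
        echo not-affected     # neither change is in this tree
    fi
}

# Constructed sample: a patch set that picked up only the first change.
SAMPLE_PATCH_HEADERS="Subject: [PATCH 01/40] md/raid1: unrelated cleanup
Subject: [PATCH 02/40] md: don't set md arrays to readonly on shutdown"

printf '%s\n' "$SAMPLE_PATCH_HEADERS" | md_shutdown_bug_status
```

A result of `vulnerable` means the first patch is present without the fix and the tree should pick up the fix before being shipped; `not-affected` only says that neither subject line was found in the input given.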