From cc80e1e14dd36e7e8b24e7cf1bac005042a23e4f Mon Sep 17 00:00:00 2001 From: Ben Hutchings Date: Tue, 12 Nov 2019 22:04:36 +0000 Subject: Update two issues that need more work to fix in 3.16 --- active/CVE-2019-2213 | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'active/CVE-2019-2213') diff --git a/active/CVE-2019-2213 b/active/CVE-2019-2213 index 48e9e9e4..186d2a62 100644 --- a/active/CVE-2019-2213 +++ b/active/CVE-2019-2213 @@ -2,8 +2,12 @@ Description: binder: fix possible UAF when freeing buffer References: https://lore.kernel.org/patchwork/patch/1087916/ Notes: + bwh> For branches older than 4.20, the second hunk should be applied + bwh> to binder_thread_write() instead of binder_free_buf(). bwh> For branches older than 4.14, the first hunk should be applied to bwh> binder_pop_transaction() instead of binder_free_transaction(). + bwh> It's not clear how the locking should be done for branches older + bwh> than 4.14 though. Bugs: upstream: released (5.2-rc6) [a370003cc301d4361bae20c9ef615f89bf8d1e8a] 4.19-upstream-stable: released (4.19.64) [22068d49d09d2b3890e19d7b2048a33340f992da] -- cgit v1.2.3
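Review bot: the last added note ("It's not clear how the locking should be done for branches older than 4.14 though") leaves the open question unscoped. It does not say which of the two hunks it applies to or which lock is in doubt, so whoever picks up the 3.16 backport named in the subject has to work that out again. Suggest naming the function concerned (binder_pop_transaction() or binder_thread_write()) and the lock in question. Since 3.16 is older than both 4.14 and 4.20, it would also help to state that both the new "older than 4.20" note and the existing "older than 4.14" note apply to it, because the subject mentions 3.16 but none of the added lines do.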