Fix potential vulnerability in cloned code

Open manh-td opened this issue 1 month ago • 0 comments

This PR fixes a potential security vulnerability in rose_heartbeat_expiry(), rose_timer_expiry() and rose_idletimer_expiry() that was cloned from torvalds/linux but did not receive the security patch.

Vulnerability Details:

Affected Function: rose_heartbeat_expiry(), rose_timer_expiry() and rose_idletimer_expiry() in net/rose/rose_timer.c
Original Fix: https://github.com/torvalds/linux/commit/9cc02ede696272c5271a401e4f27c262359bc2f6

What this PR does: This PR applies the same security patch that was applied to the original repository to eliminate the potential vulnerability in the cloned code.

References:

https://github.com/torvalds/linux/commit/9cc02ede696272c5271a401e4f27c262359bc2f6
https://nvd.nist.gov/vuln/detail/CVE-2022-2318

Please review and merge this PR to ensure your repository is protected against this vulnerability.

Dec 19 '25 02:12 manh-td