First, a correction to my original post. The fix for the TPM bug on vendorsec came from
Michael Halcrow, not Serge Hallyn.
I should have linked to the proper URL, which is:
Here we see Greg committed it into -stable, and Al Viro and Chris Wright both signed off on
it. Unless Greg or any of the other people signing off on the commit didn't read any of the
link which was pasted (which I find very hard to believe) the information about it being a
local DoS was intentionally suppressed.
If you don't bother to spend the time to go and read the links to everything the PaX team and
I have posted, then it would be easy to assume that this is just some huge series of
incompetence (which extends back far beyond these last two releases where I started to
actually point things out). If you go and actually read the references though, I think you'd
have to be pretty naive and distort the evidence in every case to come to a conclusion of mere
Like I mentioned before though, the public doesn't have all of the information at hand since
so much goes on behind the scenes in private mailing lists with no accountability. I alluded
to a few of the instances earlier if you actually read all my previous posts, but I'm
compiling the full details of this information and will be submitting it to LKML and other
mailing lists, since it's too good to waste here. It should clear up any lingering doubts.