{
  "repository": "linux-stable",
  "repository_url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
  "commit_source": "build_metadata",
  "commit_sha": "e3f5e0f22cfc2371e7471c9fd5b4da78f9df7c69",
  "commit_resolution_notes": "The vulnerable kernel image (bzImage) and the vulnerable bonding.ko were built from a git.kernel.org tarball snapshot of commit e3f5e0f22cfc2371e7471c9fd5b4da78f9df7c69 (mainline 7.0.0-rc2, the parent of the upstream fix 950803f7254721c1c15858fbbfae3deaaeeecb11). The exact identity is recorded in the build marker file kernels/bond7rc2/BUILT_MARKER (vuln_commit=e3f5e0f22cfc2371e7471c9fd5b4da78f9df7c69, fix_commit=950803f7254721c1c15858fbbfae3deaaeeecb11, kver=7.0.0-rc2) and confirmed by the in-VM banner 'Linux version 7.0.0-rc2 ... #1 SMP PREEMPT_DYNAMIC'. The source tree is a tarball snapshot (not a git clone), so no git rev-parse was available; the commit was resolved from the tarball URL and the build marker.",
  "kernel_version": "7.0.0-rc2",
  "build_marker": {
    "vuln_commit": "e3f5e0f22cfc2371e7471c9fd5b4da78f9df7c69",
    "fix_commit": "950803f7254721c1c15858fbbfae3deaaeeecb11",
    "kver": "7.0.0-rc2",
    "config_kasan": "y",
    "printk_in_ipgre_and_ip6gre": "yes",
    "bonding_module_swap": "vuln(no bond_header_ops)/fixed(has bond_header_ops)"
  },
  "submitted_target": {
    "target_kind": "kernel_source_commit",
    "commit_sha": "e3f5e0f22cfc2371e7471c9fd5b4da78f9df7c69",
    "version": "7.0.0-rc2",
    "ref": "v7.0.0-rc2",
    "display": "Linux 7.0.0-rc2 (commit e3f5e0f22, parent of upstream fix 950803f7)"
  },
  "variant_target": {
    "target_kind": "kernel_source_commit",
    "commit_sha": "e3f5e0f22cfc2371e7471c9fd5b4da78f9df7c69",
    "version": "7.0.0-rc2",
    "ref": "v7.0.0-rc2",
    "display": "Linux 7.0.0-rc2 (commit e3f5e0f22) -- vulnerable kernel on which the ip6gre variant DoS was reproduced; the fixed-side control is the same base kernel with bonding.ko rebuilt after applying fix 950803f7"
  },
  "fixed_target": {
    "target_kind": "kernel_source_commit_plus_patch",
    "commit_sha": "e3f5e0f22cfc2371e7471c9fd5b4da78f9df7c69",
    "patch_commit": "950803f7254721c1c15858fbbfae3deaaeeecb11",
    "version": "7.0.0-rc2",
    "display": "Linux 7.0.0-rc2 (e3f5e0f22) + bonding fix 950803f7 applied to drivers/net/bonding/bond_main.c (bond_header_ops); the ip6gre variant does NOT crash here"
  },
  "notes": "Both the vulnerable and fixed kernels share the same bzImage (built from e3f5e0f22 with pr_info injected into ipgre_header and ip6gre_header); only bonding.ko is swapped between runs (vulnerable = no bond_header_ops, fixed = has bond_header_ops). This is a clean A/B negative control on identical userspace and kernel image."
}
