[PATCH 00/11] [lucid] CVE-2010-4251
Paolo Pisati
paolo.pisati at canonical.com
Mon Jul 11 08:17:37 UTC 2011
All patches from master, need review and ack.
Patches [3-5] are not related to this CVE, but are necessary to apply patch
6 cleanly.
Tested on a lucid qemu image: boot test plus an entire system `apt-get upgrade`.
Eric Dumazet (3):
ipv6: udp: Optimise multicast reception
ipv4: udp: Optimise multicast reception
udp: multicast RX should increment SNMP/sk_drops counter in
allocation failures
Zhu Yi (8):
net: add limit for socket backlog CVE-2010-4251
tcp: use limited socket backlog CVE-2010-4251
udp: use limited socket backlog CVE-2010-4251
llc: use limited socket backlog CVE-2010-4251
sctp: use limited socket backlog CVE-2010-4251
tipc: use limited socket backlog CVE-2010-4251
x25: use limited socket backlog CVE-2010-4251
net: backlog functions rename CVE-2010-4251
include/net/sock.h | 17 +++++++-
net/core/sock.c | 16 +++++++-
net/dccp/minisocks.c | 2 +-
net/ipv4/tcp_ipv4.c | 6 ++-
net/ipv4/tcp_minisocks.c | 2 +-
net/ipv4/udp.c | 92 ++++++++++++++++++++++++++++++++--------------
net/ipv6/tcp_ipv6.c | 6 ++-
net/ipv6/udp.c | 89 +++++++++++++++++++++++++++++++-------------
net/llc/llc_c_ac.c | 2 +-
net/llc/llc_conn.c | 3 +-
net/sctp/input.c | 42 +++++++++++++-------
net/sctp/socket.c | 3 +
net/tipc/socket.c | 6 ++-
net/x25/x25_dev.c | 2 +-
14 files changed, 204 insertions(+), 84 deletions(-)
--
1.7.5.3
More information about the kernel-team
mailing list