[ACK] [CVE-2011-1180] irda: validate peer name and attribute lengths
Stefan Bader
stefan.bader at canonical.com
Wed Jul 27 15:37:48 UTC 2011
On 27.07.2011 17:20, Andy Whitcroft wrote:
> CVE-2011-1180
> Length fields provided by a peer for names and attributes may
> be longer than the destination array sizes. Validate lengths to
> prevent stack buffer overflows.
>
> The fix for this CVE has hit lucid and later via mainline and stable
> updates. Following this email is a patch for hardy, lucid/fsl-imx51,
> and maverick/ti-omap4. This is a simple cherry-pick of the upsteam change.
>
> Proposing for hardy, lucid/fsl-imx51, and maverick/ti-omap4.
>
> -apw
>
Acked-by: Stefan Bader <stefan.bader at canonical.com>
More information about the kernel-team
mailing list