APPLIED: [CVE-2011-1180] irda: validate peer name and attribute lengths
Tim Gardner
tim.gardner at canonical.com
Wed Jul 27 16:12:54 UTC 2011
On 07/27/2011 09:20 AM, Andy Whitcroft wrote:
> CVE-2011-1180
> Length fields provided by a peer for names and attributes may
> be longer than the destination array sizes. Validate lengths to
> prevent stack buffer overflows.
>
> The fix for this CVE has hit lucid and later via mainline and stable
> updates. Following this email is a patch for hardy, lucid/fsl-imx51,
> and maverick/ti-omap4. This is a simple cherry-pick of the upsteam change.
>
> Proposing for hardy, lucid/fsl-imx51, and maverick/ti-omap4.
>
> -apw
>
--
Tim Gardner tim.gardner at canonical.com
More information about the kernel-team
mailing list