APPLIED: [CVE-2011-1180] irda: validate peer name and attribute lengths

Tim Gardner tim.gardner at canonical.com
Wed Jul 27 16:12:54 UTC 2011


On 07/27/2011 09:20 AM, Andy Whitcroft wrote:
> CVE-2011-1180
> 	Length fields provided by a peer for names and attributes may
> 	be longer than the destination array sizes.  Validate lengths to
> 	prevent stack buffer overflows.
>
> The fix for this CVE has hit lucid and later via mainline and stable
> updates.  Following this email is a patch for hardy, lucid/fsl-imx51,
> and maverick/ti-omap4.  This is a simple cherry-pick of the upsteam change.
>
> Proposing for hardy, lucid/fsl-imx51, and maverick/ti-omap4.
>
> -apw
>


-- 
Tim Gardner tim.gardner at canonical.com



More information about the kernel-team mailing list