[CVE-2011-1748] can: add missing socket check in can/raw release
Tim Gardner
tim.gardner at canonical.com
Thu May 26 16:19:53 UTC 2011
On 05/26/2011 10:07 AM, Andy Whitcroft wrote:
> CVE-2011-1748
> The raw_release function in net/can/raw.c in the Linux kernel
> before 2.6.39-rc6 does not properly validate a socket data
> structure, which allows local users to cause a denial of service
> (NULL pointer dereference) or possibly have unspecified other
> impact via a crafted release operation.
>
> The fix for this issue is already applied to Oneiric, Natty, and Lucid
> arriving via mainline/stable updates. Neither Hardy nor Dapper
> contains the affected protocol. Following this email is a patch for
> Maverick cherry-picked from mainline.
>
> Proposing for Maverick.
>
> -apw
>
applied
--
Tim Gardner tim.gardner at canonical.com