[PATCH v2] CVE-2011-2517
Paolo Pisati
paolo.pisati at canonical.com
Tue Oct 11 16:01:19 UTC 2011
CVE-2011-2517:
Buffer overflow flaws in the Linux kernel's netlink-based wireless
configuration interface implementation could allow a local user,
who has the CAP_NET_ADMIN capability, to cause a denial of service
or escalate their privileges on systems that have an active wireless
interface.
The cve advisory mentions two commits (208c72f4fe44fe09577e7975ba0e7fa0278f3d03
and 57a27e1d6a3bb9ad4efeebd3a8c71156d6207536) but the second one supersedes the
first one, so i picked and adapted that.
Following this email are 3 patches for lucid/master, lucid/fsl-imx51 and
another one for maverick/[master|ti-omap4], natty/[master|ti-omap4].
Lucid/[ec2|mvl-dove] and maverick/mvl-dove will get it after the next rebase.
Paolo Pisati (1):
nl80211: fix overflow in ssid_len - CVE-2011-2517
net/wireless/nl80211.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
--
1.7.5.4
More information about the kernel-team
mailing list