APPLIED: [PATCH] CVE-2011-2517
Tim Gardner
tim.gardner at canonical.com
Wed Oct 12 09:07:36 UTC 2011
On 10/11/2011 11:28 AM, Paolo Pisati wrote:
> CVE-2011-2517:
> Buffer overflow flaws in the Linux kernel's netlink-based wireless
> configuration interface implementation could allow a local user,
> who has the CAP_NET_ADMIN capability, to cause a denial of service
> or escalate their privileges on systems that have an active wireless
> interface.
>
> The cve advisory mentions two commits (208c72f4fe44fe09577e7975ba0e7fa0278f3d03
> and 57a27e1d6a3bb9ad4efeebd3a8c71156d6207536) but the second one supersedes the
> first one, so i picked and adapted that.
>
> Following this email are 3 patches for lucid/master, lucid/fsl-imx51 and
> another one for maverick/[master|ti-omap4], natty/[master|ti-omap4].
> Lucid/[ec2|mvl-dove] and maverick/mvl-dove will get it after the next rebase.
>
> Paolo Pisati (1):
> nl80211: fix overflow in ssid_len - CVE-2011-2517
>
> net/wireless/nl80211.c | 4 ++--
> 1 files changed, 2 insertions(+), 2 deletions(-)
>
--
Tim Gardner tim.gardner at canonical.com
More information about the kernel-team
mailing list