NAK: [PATCH v2] CVE-2011-2517

Stefan Bader stefan.bader at canonical.com
Wed Oct 12 16:59:21 UTC 2011


On 11.10.2011 17:01, Paolo Pisati wrote:
> CVE-2011-2517:
> 	Buffer overflow flaws in the Linux kernel's netlink-based wireless
> 	configuration interface implementation could allow a local user,
> 	who has the CAP_NET_ADMIN capability, to cause a denial of service
> 	or escalate their privileges on systems that have an active wireless
> 	interface.
> 
> The CVE advisory mentions two commits (208c72f4fe44fe09577e7975ba0e7fa0278f3d03
> and 57a27e1d6a3bb9ad4efeebd3a8c71156d6207536) but the second one supersedes the
> first one, so I picked and adapted that.
> 
> Following this email are 3 patches for lucid/master, lucid/fsl-imx51 and
> another one for maverick/[master|ti-omap4], natty/[master|ti-omap4].
> Lucid/[ec2|mvl-dove] and maverick/mvl-dove will get it after the next rebase.
> 
> Paolo Pisati (1):
>    nl80211: fix overflow in ssid_len - CVE-2011-2517
> 
>  net/wireless/nl80211.c |    4 ++--
>  1 files changed, 2 insertions(+), 2 deletions(-)
> 

Somehow it looks to me that maybe that is missing a part of the second patch
which makes modifications to nl80211_start_sched_scan. Generally I would stick
with upstream patches even if they do fix themselves. That way it's harder to
miss something and also it keeps the referencing saner.

-Stefan
