[Acked]Re: [hardy, lucid/fsl-imx51, maverick, maverick/ti-omap4, natty, natty/ti-omap4 CVE 1/1] inet_diag: fix inet_diag_bc_audit()

Seth Forshee seth.forshee at canonical.com
Wed Sep 14 16:36:02 UTC 2011

On Wed, Sep 14, 2011 at 04:51:15PM +0100, Andy Whitcroft wrote:
> From: Eric Dumazet <eric.dumazet at gmail.com>
> A malicious user or buggy application can inject code and trigger an
> infinite loop in inet_diag_bc_audit()
> Also make sure each instruction is aligned on 4 bytes boundary, to avoid
> unaligned accesses.
> Reported-by: Dan Rosenberg <drosenberg at vsecurity.com>
> Signed-off-by: Eric Dumazet <eric.dumazet at gmail.com>
> Signed-off-by: David S. Miller <davem at davemloft.net>
> (cherry picked from commit eeb1497277d6b1a0a34ed36b97e18f2bd7d6de0d)
> CVE-2011-2213
> BugLink: http://bugs.launchpad.net/bugs/838421
> Signed-off-by: Andy Whitcroft <apw at canonical.com>

It's a clean cherry-pick, and looks like it should fix the problem as
described. I don't know about the correctness of the alignment
enforcement, but since it appears to have been upstream for a while now
I'll assume it's okay.

Acked-by: Seth Forshee <seth.forshee at canonical.com>

More information about the kernel-team mailing list