[Precise/lts-backport-raring][CVEs][PATCH 0/2] Set of CVE fixes
Luis Henriques
luis.henriques at canonical.com
Wed Jun 25 13:30:37 UTC 2014
Following this email, I'm sending 2 CVE fixes for the last SRU cycle
that will include Precise/lts-backport-raring before it EOLs:
- CVE-2014-3917
This is a clean cherry-pick of:
a3c549311995 "auditsc: audit_krule mask accesses need bounds checking"
- CVE-2014-4014
As for the lts-backport-quantal kernel, this fix was taken from the
3.10 stable kernel, which included a backport provided by upstream.
Andy Lutomirski (2):
auditsc: audit_krule mask accesses need bounds checking
fs,userns: Change inode_capable to capable_wrt_inode_uidgid
fs/attr.c | 8 ++++----
fs/inode.c | 10 +++++++---
fs/namei.c | 11 ++++++-----
include/linux/capability.h | 2 +-
kernel/auditsc.c | 27 ++++++++++++++++++---------
kernel/capability.c | 18 +++++++-----------
6 files changed, 43 insertions(+), 33 deletions(-)
--
1.9.1
More information about the kernel-team
mailing list