APPLIED: [Trusty][CVE-2014-7822][Patch 0/1] splice: Apply generic position and size checks to each write
Brad Figg
brad.figg at canonical.com
Thu Feb 26 16:02:39 UTC 2015
On Wed, Feb 25, 2015 at 03:30:58PM +0000, Luis Henriques wrote:
> Following this email I am sending a patch that fixes CVE-2014-7822 for
> Trusty. It was cherry-picked from the stable linux-3.13.y-queue
> branch.
>
> The original upstream fix in Linus' tree is:
>
> commit 8d0207652cbe27d1f962050737848e5ad4671958
> Author: Al Viro <viro at zeniv.linux.org.uk>
> Date: Sat Apr 5 04:27:08 2014 -0400
>
> ->splice_write() via ->write_iter()
>
> However, this fix can not be applied to older kernels.
>
> The fix for the 3.13 was based on Ben Hutchings's fix for the stable
> 3.2 kernel here:
>
> https://lkml.org/lkml/2015/2/16/643
>
> We (Kamal and me) have reviewed this patch and couldn't find out any
> other splice_write implementations in the 3.13 kernel that were not
> calling generic_file_splice_write. But we could be wrong :-)
>
> Ben Hutchings (1):
> splice: Apply generic position and size checks to each write
>
> fs/ocfs2/file.c | 8 ++++++--
> fs/splice.c | 8 ++++++--
> 2 files changed, 12 insertions(+), 4 deletions(-)
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
Applied to Trusty master-next
--
Brad Figg brad.figg at canonical.com http://www.canonical.com
More information about the kernel-team
mailing list