[PATCH 0/1][CVE-2016-3951][Precise] usbnet: cleanup after bind() in probe()
Luis Henriques
luis.henriques at canonical.com
Mon May 30 13:54:05 UTC 2016
Following this email I am sending the Precise (clean cherry-pick) fix for
CVE-2016-3951. This CVE is fixed in mainline by 2 commits:
4d06dd537f95 "cdc_ncm: do not call usbnet_link_change from cdc_ncm_bind"
1666984c8625 "usbnet: cleanup after bind() in probe()"
However, only the 2nd commit is applicable to Precise (the 1st one
'Fixes: 8a34b0ae8778' which isn't in 3.2).
NOTE: this commit has been picked by upstream stable 3.2 kernel.
Oliver Neukum (1):
usbnet: cleanup after bind() in probe()
drivers/net/usb/usbnet.c | 7 +++++++
1 file changed, 7 insertions(+)
More information about the kernel-team
mailing list