ACK: [Zesty][PATCH v2 0/2] CVE-2017-7979: net sched actions: access of uninitialized data and error handling

Seth Forshee seth.forshee at canonical.com
Mon Apr 24 19:31:15 UTC 2017


On Mon, Apr 24, 2017 at 04:26:37PM +0200, Fabian Gr├╝nbichler wrote:
> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1682368
> 
> == SRU Justification ==
> 
> Impact: adding a tc filter sometimes fails, potentially followed by kernel hangs and kernel NULL pointer dereference (CVE 2017-7979)
> 
> Fix: cherry-pick fix from v4.11-rc8
> 
> Regression Potential: clean cherry-picks from upstream
> 
> Wei Yongjun (1):
>   net_sched: nla_memdup_cookie() can be static
> 
> Wolfgang Bumiller (1):
>   net sched actions: allocate act cookie early
> 
>  net/sched/act_api.c | 55 +++++++++++++++++++++++++++++++----------------------
>  1 file changed, 32 insertions(+), 23 deletions(-)

Bug fix, clean upstream cherry pick. For both patches:

Acked-by: Seth Forshee <seth.forshee at canonical.com>




More information about the kernel-team mailing list