ACK: [SRU][trusty][PATCH 0/2] Fix for CVE-2017-16939
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Fri Dec 1 16:13:36 UTC 2017
On Fri, Dec 01, 2017 at 05:06:24PM +0100, Kleber Sacilotto de Souza wrote:
> Patch 2/2 (ipsec: Fix aborted xfrm policy dump crash) is the real fix and
> it needed a simple backport to fix the context because it lacks
> 283bc9f35bbbc (xfrm: Namespacify xfrm state/policy locks). Patch 1/1 is a
> prerequisite and is a clean cherry-pick.
>
> Tested with the POC available on
> https://bugzilla.suse.com/show_bug.cgi?id=1069702.
Backport looked fine, tested fix.
Acked-by: Thadeu Lima de Souza Cascardo <cascardo at canonical.com>
>
> Herbert Xu (1):
> ipsec: Fix aborted xfrm policy dump crash
>
> Tom Herbert (1):
> netlink: add a start callback for starting a netlink dump
>
> include/linux/netlink.h | 2 ++
> include/net/genetlink.h | 2 ++
> net/netlink/af_netlink.c | 4 ++++
> net/netlink/genetlink.c | 16 ++++++++++++++++
> net/xfrm/xfrm_user.c | 25 +++++++++++++++----------
> 5 files changed, 39 insertions(+), 10 deletions(-)
>
> --
> 2.14.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list