ACK/APPLIED[B/unstable]: [SRU][T/X/Z/A][PATCH 1/1] dccp: CVE-2017-8824: use-after-free in DCCP code
Seth Forshee
seth.forshee at canonical.com
Fri Dec 8 21:57:55 UTC 2017
On Fri, Dec 08, 2017 at 03:39:50PM +0100, Kleber Sacilotto de Souza wrote:
> From: Mohamed Ghannam <simo.ghannam at gmail.com>
>
> Whenever the sock object is in DCCP_CLOSED state,
> dccp_disconnect() must free dccps_hc_tx_ccid and
> dccps_hc_rx_ccid and set to NULL.
>
> Signed-off-by: Mohamed Ghannam <simo.ghannam at gmail.com>
> Reviewed-by: Eric Dumazet <edumazet at google.com>
> Signed-off-by: David S. Miller <davem at davemloft.net>
>
> CVE-2017-8824
> (cherry picked from commit 69c64866ce072dea1d1e59a0d61e0f66c0dffb76 linux-next)
> Signed-off-by: Kleber Sacilotto de Souza <kleber.souza at canonical.com>
Acked-by: Seth Forshee <seth.forshee at canonical.com>
Applied to bionic and unstable.
More information about the kernel-team
mailing list