ACK/APPLIED[B/unstable]: [SRU][T/X/Z/A][PATCH 1/1] dccp: CVE-2017-8824: use-after-free in DCCP code

Seth Forshee seth.forshee at
Fri Dec 8 21:57:55 UTC 2017

On Fri, Dec 08, 2017 at 03:39:50PM +0100, Kleber Sacilotto de Souza wrote:
> From: Mohamed Ghannam <simo.ghannam at>
> Whenever the sock object is in DCCP_CLOSED state,
> dccp_disconnect() must free dccps_hc_tx_ccid and
> dccps_hc_rx_ccid and set to NULL.
> Signed-off-by: Mohamed Ghannam <simo.ghannam at>
> Reviewed-by: Eric Dumazet <edumazet at>
> Signed-off-by: David S. Miller <davem at>
> CVE-2017-8824
> (cherry picked from commit 69c64866ce072dea1d1e59a0d61e0f66c0dffb76 linux-next)
> Signed-off-by: Kleber Sacilotto de Souza <kleber.souza at>

Acked-by: Seth Forshee <seth.forshee at>

Applied to bionic and unstable.

More information about the kernel-team mailing list