[Trusty][SRU][PATCH 0/1] Fix for CVE-2017-15868
Po-Hsu Lin
po-hsu.lin at canonical.com
Wed Dec 13 04:24:06 UTC 2017
Only Trusty needs this patch.
The original commit message is not very clear,
it's referring to commit 96c26653:
Bluetooth: cmtp: cmtp_add_connection() should verify that it's dealing with l2cap socket
... rather than relying on ciptool(8) never passing it anything else. Give
it e.g. an AF_UNIX connected socket (from socketpair(2)) and it'll oops,
trying to evaluate &l2cap_pi(sock->sk)->chan->dst...
Kernel successfully built with this patch.
Al Viro (1):
Bluetooth: bnep: bnep_add_connection() should verify that it's dealing
with l2cap socket
net/bluetooth/bnep/core.c | 3 +++
1 file changed, 3 insertions(+)
--
2.7.4
More information about the kernel-team
mailing list