[Z/Y/X/T SRU] Fix CVE-2017-9074
Seth Forshee
seth.forshee at canonical.com
Thu Jun 8 13:32:43 UTC 2017
On Thu, Jun 08, 2017 at 09:13:24AM +0200, Stefan Bader wrote:
> On 08.06.2017 05:12, Po-Hsu Lin (Sam) wrote:
> > From the CVE tracker, I think we need this for Artful as well.
>
> Right I probably should have added an Artful hint there as well. I was rather
> concentrating on SRU and maybe implicitly hoping that on devel things will fix
> themselves in a semi-magical way (rebase or some upstream stable)...
Artful got this from v4.11.4. However when grepping the changelogs I also
turned up this, perhpas not critical but it might be wanted.
commit db30193338a61cd101596366bfdb6b3b36b10f37
Author: David S. Miller <davem at davemloft.net>
Date: Wed May 17 22:54:11 2017 -0400
ipv6: Check ip6_find_1stfragopt() return value properly.
BugLink: http://bugs.launchpad.net/bugs/1696723
[ Upstream commit 7dd7eb9513bd02184d45f000ab69d78cb1fa1531 ]
Do not use unsigned variables to see if it returns a negative
error or not.
Fixes: 2423496af35d ("ipv6: Prevent overrun when parsing v6 header options")
Reported-by: Julia Lawall <julia.lawall at lip6.fr>
Signed-off-by: David S. Miller <davem at davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh at linuxfoundation.org>
Signed-off-by: Seth Forshee <seth.forshee at canonical.com>
More information about the kernel-team
mailing list