[T/X/Y/Z SRU] ipv6: Check ip6_find_1stfragopt() return value properly
Po-Hsu Lin
po-hsu.lin at canonical.com
Fri Jun 9 07:30:11 UTC 2017
This patch fixes the uint never less than 0 issue, which is induced by the patch for CVE-2017-9074 (commit 2423496af35d94a87156b063ea5cedffc10a70a1) found by the Coverity Scan.
For Y and Z, the cherry-picked upstream patch (7dd7eb9513bd02184d45f000ab69d78cb1fa1531) could be applied without any problem.
But for T and X, they both need a small change on different lines to rename the unfrag_ip6hlen uint variable to payload_len, which has been added in 802ab55 but never landed in these two releases.
Artful has this patch already.
--
1.7.9.5
More information about the kernel-team
mailing list