ACK/cmnt: [T/X/Y/Z SRU] ipv6: Check ip6_find_1stfragopt() return value properly
Stefan Bader
stefan.bader at canonical.com
Fri Jun 9 07:41:18 UTC 2017
On 09.06.2017 09:30, Po-Hsu Lin wrote:
> This patch fixes the uint never less than 0 issue, which is induced by the patch for CVE-2017-9074 (commit 2423496af35d94a87156b063ea5cedffc10a70a1) found by the Coverity Scan.
>
> For Y and Z, the cherry-picked upstream patch (7dd7eb9513bd02184d45f000ab69d78cb1fa1531) could be applied without any problem.
> But for T and X, they both need a small change on different lines to rename the unfrag_ip6hlen uint variable to payload_len, which has been added in 802ab55 but never landed in these two releases.
>
> Artful has this patch already.
>
Needs CVE-2017-9074
added when applying, but otherwise
Acked-by: Stefan Bader <stefan.bader at canonical.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20170609/e564ecbd/attachment.sig>
More information about the kernel-team
mailing list