ACK/cmnt: [T/X/Y/Z SRU] ipv6: Check ip6_find_1stfragopt() return value properly

Stefan Bader stefan.bader at
Fri Jun 9 07:41:18 UTC 2017

On 09.06.2017 09:30, Po-Hsu Lin wrote:
> This patch fixes the uint never less than 0 issue, which is induced by the patch for CVE-2017-9074 (commit 2423496af35d94a87156b063ea5cedffc10a70a1) found by the Coverity Scan.
> For Y and Z, the cherry-picked upstream patch (7dd7eb9513bd02184d45f000ab69d78cb1fa1531) could be applied without any problem.
> But for T and X, they both need a small change on different lines to rename the unfrag_ip6hlen uint variable to payload_len, which has been added in 802ab55 but never landed in these two releases.
> Artful has this patch already.
Needs CVE-2017-9074

added when applying, but otherwise

Acked-by: Stefan Bader <stefan.bader at>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the kernel-team mailing list