[CVE-2017-9150][X/Y/joule/aws/gke][PATCH 0/1] bpf: don't let ldimm64 leak map addresses on unprivileged

Wen-chien Jesse Sung jesse.sung at canonical.com
Wed Jun 21 14:13:31 UTC 2017


CVE-2017-9150

It's a backport instead of clean cherry-pick because "struct verifier_env"
is renamed/extended to "struct bpf_verifier_env" in later versions.

Daniel Borkmann (1):
  bpf: don't let ldimm64 leak map addresses on unprivileged

 kernel/bpf/verifier.c | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)

-- 
2.7.4




More information about the kernel-team mailing list