[PULL][linux-euclid] CVE fixes
Jesse Sung
jesse.sung at canonical.com
Fri Oct 6 09:17:49 UTC 2017
Fixes for the red blocks in the CVE matrix for linux-euclid:
* CVE-2017-7308
* CVE-2017-1000111
* CVE-2017-1000112
* CVE-2017-1000251
* CVE-2017-1000364
* CVE-2017-2636
* CVE-2017-7184
* CVE-2017-7374
* CVE-2017-7533
----------------------------------------------------------------
The following changes since commit 8c20a90db922776b010d6fff5351ab96ed779a99:
UBUNTU: Ubuntu-4.4.0-9018.18 (2017-05-10 17:45:02 +0800)
are available in the git repository at:
https://git.launchpad.net/~wenchien/+git/xenial euclid-cve
for you to fetch changes up to d2d623f8866fc310deb81cad2fc43e0dfffbe735:
dentry name snapshots (2017-10-06 16:53:33 +0800)
----------------------------------------------------------------
Al Viro (1):
dentry name snapshots
Alexander Popov (1):
tty: n_hdlc: get rid of racy n_hdlc.tbuf
Alexey Kodanev (1):
udp: avoid ufo handling on IP payload compression packets
Andrea Arcangeli (1):
mm: vma_adjust: remove superfluous confusing update in
remove_next == 1 case
Andrey Konovalov (3):
net/packet: fix overflow in check for priv area size
net/packet: fix overflow in check for tp_frame_nr
net/packet: fix overflow in check for tp_reserve
Andy Whitcroft (2):
xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window
xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder
Ben Seri (1):
Bluetooth: Properly check L2CAP config option output buffer length
Eric Biggers (1):
fscrypt: remove broken support for detecting keyring key revocation
Helge Deller (1):
Allow stack to grow up to address space limit
Hugh Dickins (2):
mm: larger stack guard gap, between vmas
mm: fix new crash in unmapped_area_topdown()
Jakub Sitnicki (1):
ipv6: Don't use ufo handling on later transformed packets
Jiri Slaby (1):
TTY: n_hdlc, fix lockdep false positive
Michal Hocko (1):
mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
Michal Kubeček (1):
net: account for current skb length when deciding about UFO
Oleg Nesterov (1):
mm/mmap.c: expand_downwards: don't require the gap if !vm_prev
Willem de Bruijn (2):
packet: fix tp_reserve race in packet_set_ring
udp: consistently apply ufo or fragmentation
Zheng Li (1):
ipv6: Should use consistent conditional judgement for ip6
fragment between __ip6_append_data and ip6_finish_output
zheng li (1):
ipv4: Should use consistent conditional judgement for ip
fragment in __ip_append_data and ip_finish_output
Documentation/kernel-parameters.txt | 7 ++
arch/arc/mm/mmap.c | 2 +-
arch/arm/mm/mmap.c | 4 +-
arch/frv/mm/elf-fdpic.c | 2 +-
arch/mips/mm/mmap.c | 2 +-
arch/parisc/kernel/sys_parisc.c | 15 ++--
arch/powerpc/mm/slice.c | 2 +-
arch/s390/mm/mmap.c | 4 +-
arch/sh/mm/mmap.c | 4 +-
arch/sparc/kernel/sys_sparc_64.c | 4 +-
arch/sparc/mm/hugetlbpage.c | 2 +-
arch/tile/mm/hugetlbpage.c | 2 +-
arch/x86/kernel/sys_x86_64.c | 4 +-
arch/x86/mm/hugetlbpage.c | 2 +-
arch/xtensa/kernel/syscall.c | 2 +-
drivers/tty/n_hdlc.c | 143 ++++++++++++++++----------------
fs/dcache.c | 27 ++++++
fs/debugfs/inode.c | 10 +--
fs/ext4/crypto_key.c | 28 ++-----
fs/ext4/ext4.h | 14 +---
fs/ext4/ext4_crypto.h | 1 -
fs/f2fs/crypto_key.c | 28 ++-----
fs/f2fs/f2fs.h | 14 +---
fs/f2fs/f2fs_crypto.h | 1 -
fs/hugetlbfs/inode.c | 2 +-
fs/namei.c | 8 +-
fs/notify/fsnotify.c | 8 +-
fs/proc/task_mmu.c | 4 -
include/linux/dcache.h | 6 ++
include/linux/fsnotify.h | 31 -------
include/linux/mm.h | 53 ++++++------
mm/gup.c | 5 --
mm/memory.c | 38 ---------
mm/mmap.c | 158 ++++++++++++++++++++++--------------
net/bluetooth/l2cap_core.c | 80 +++++++++---------
net/ipv4/ip_output.c | 9 +-
net/ipv4/udp.c | 2 +-
net/ipv6/ip6_output.c | 9 +-
net/packet/af_packet.c | 21 +++--
net/xfrm/xfrm_user.c | 9 +-
40 files changed, 366 insertions(+), 401 deletions(-)
More information about the kernel-team
mailing list