ACK: [PULL][linux-euclid] CVE fixes

Juerg Haefliger juerg.haefliger at canonical.com
Mon Oct 9 09:48:03 UTC 2017 

On 10/06/2017 11:17 AM, Jesse Sung wrote:
> Fixes for the red blocks in the CVE matrix for linux-euclid:
> 
> * CVE-2017-7308
> * CVE-2017-1000111
> * CVE-2017-1000112
> * CVE-2017-1000251
> * CVE-2017-1000364
> * CVE-2017-2636
> * CVE-2017-7184
> * CVE-2017-7374
> * CVE-2017-7533
> 
> ----------------------------------------------------------------
> The following changes since commit 8c20a90db922776b010d6fff5351ab96ed779a99:
> 
>   UBUNTU: Ubuntu-4.4.0-9018.18 (2017-05-10 17:45:02 +0800)
> 
> are available in the git repository at:
> 
>   https://git.launchpad.net/~wenchien/+git/xenial euclid-cve
> 
> for you to fetch changes up to d2d623f8866fc310deb81cad2fc43e0dfffbe735:
> 
>   dentry name snapshots (2017-10-06 16:53:33 +0800)
> 
> ----------------------------------------------------------------
> Al Viro (1):
>       dentry name snapshots
> 
> Alexander Popov (1):
>       tty: n_hdlc: get rid of racy n_hdlc.tbuf
> 
> Alexey Kodanev (1):
>       udp: avoid ufo handling on IP payload compression packets
> 
> Andrea Arcangeli (1):
>       mm: vma_adjust: remove superfluous confusing update in
> remove_next == 1 case
> 
> Andrey Konovalov (3):
>       net/packet: fix overflow in check for priv area size
>       net/packet: fix overflow in check for tp_frame_nr
>       net/packet: fix overflow in check for tp_reserve
> 
> Andy Whitcroft (2):
>       xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window
>       xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder
> 
> Ben Seri (1):
>       Bluetooth: Properly check L2CAP config option output buffer length
> 
> Eric Biggers (1):
>       fscrypt: remove broken support for detecting keyring key revocation
> 
> Helge Deller (1):
>       Allow stack to grow up to address space limit
> 
> Hugh Dickins (2):
>       mm: larger stack guard gap, between vmas
>       mm: fix new crash in unmapped_area_topdown()
> 
> Jakub Sitnicki (1):
>       ipv6: Don't use ufo handling on later transformed packets
> 
> Jiri Slaby (1):
>       TTY: n_hdlc, fix lockdep false positive
> 
> Michal Hocko (1):
>       mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
> 
> Michal Kubeček (1):
>       net: account for current skb length when deciding about UFO
> 
> Oleg Nesterov (1):
>       mm/mmap.c: expand_downwards: don't require the gap if !vm_prev
> 
> Willem de Bruijn (2):
>       packet: fix tp_reserve race in packet_set_ring
>       udp: consistently apply ufo or fragmentation
> 
> Zheng Li (1):
>       ipv6: Should use consistent conditional judgement for ip6
> fragment between __ip6_append_data and ip6_finish_output
> 
> zheng li (1):
>       ipv4: Should use consistent conditional judgement for ip
> fragment in __ip_append_data and ip_finish_output
> 
>  Documentation/kernel-parameters.txt |   7 ++
>  arch/arc/mm/mmap.c                  |   2 +-
>  arch/arm/mm/mmap.c                  |   4 +-
>  arch/frv/mm/elf-fdpic.c             |   2 +-
>  arch/mips/mm/mmap.c                 |   2 +-
>  arch/parisc/kernel/sys_parisc.c     |  15 ++--
>  arch/powerpc/mm/slice.c             |   2 +-
>  arch/s390/mm/mmap.c                 |   4 +-
>  arch/sh/mm/mmap.c                   |   4 +-
>  arch/sparc/kernel/sys_sparc_64.c    |   4 +-
>  arch/sparc/mm/hugetlbpage.c         |   2 +-
>  arch/tile/mm/hugetlbpage.c          |   2 +-
>  arch/x86/kernel/sys_x86_64.c        |   4 +-
>  arch/x86/mm/hugetlbpage.c           |   2 +-
>  arch/xtensa/kernel/syscall.c        |   2 +-
>  drivers/tty/n_hdlc.c                | 143 ++++++++++++++++----------------
>  fs/dcache.c                         |  27 ++++++
>  fs/debugfs/inode.c                  |  10 +--
>  fs/ext4/crypto_key.c                |  28 ++-----
>  fs/ext4/ext4.h                      |  14 +---
>  fs/ext4/ext4_crypto.h               |   1 -
>  fs/f2fs/crypto_key.c                |  28 ++-----
>  fs/f2fs/f2fs.h                      |  14 +---
>  fs/f2fs/f2fs_crypto.h               |   1 -
>  fs/hugetlbfs/inode.c                |   2 +-
>  fs/namei.c                          |   8 +-
>  fs/notify/fsnotify.c                |   8 +-
>  fs/proc/task_mmu.c                  |   4 -
>  include/linux/dcache.h              |   6 ++
>  include/linux/fsnotify.h            |  31 -------
>  include/linux/mm.h                  |  53 ++++++------
>  mm/gup.c                            |   5 --
>  mm/memory.c                         |  38 ---------
>  mm/mmap.c                           | 158 ++++++++++++++++++++++--------------
>  net/bluetooth/l2cap_core.c          |  80 +++++++++---------
>  net/ipv4/ip_output.c                |   9 +-
>  net/ipv4/udp.c                      |   2 +-
>  net/ipv6/ip6_output.c               |   9 +-
>  net/packet/af_packet.c              |  21 +++--
>  net/xfrm/xfrm_user.c                |   9 +-
>  40 files changed, 366 insertions(+), 401 deletions(-)

Looks good and matches the relevant commits from Xenial master.

Acked-by: Juerg Haefliger <juerg.haefliger at canonical.com>

More information about the kernel-team mailing list