[PATCH] [SRU][Trusty] Fix for CVE-2017-7645
Paolo Pisati
paolo.pisati at canonical.com
Tue Jul 24 09:11:44 UTC 2018
https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-7645.html
According to the above page, CVE-2017-7645 requires three commits:
commit e6838a29ecb484c97e4efef9429643b9851fba6e
Author: J. Bruce Fields <bfields at redhat.com>
Date: Fri Apr 21 16:10:18 2017 -0400
nfsd: check for oversized NFSv2/v3 arguments
that is the attached patch, and is a clean cherry-pick
commit db44bac41bbfc0c0d9dd943092d8bded3c9db19b
Author: J. Bruce Fields <bfields at redhat.com>
Date: Tue Apr 25 16:21:34 2017 -0400
nfsd4: minor NFSv2/v3 write decoding cleanup
already present in Trusty for CVE-2017-7895 as
5cf9cac nfsd4: minor NFSv2/v3 write decoding cleanup
commit 13bf9fbff0e5e099e2b6f003a0ab8ae145436309
Author: J. Bruce Fields <bfields at redhat.com>
Date: Fri Apr 21 15:26:30 2017 -0400
nfsd: stricter decoding of write-like NFSv2/v3 ops
already present in Trusty as part of CVE-2017-7895 as
7b86de9 nfsd: stricter decoding of write-like NFSv2/v3 ops
J. Bruce Fields (1):
nfsd: check for oversized NFSv2/v3 arguments
fs/nfsd/nfssvc.c | 36 ++++++++++++++++++++++++++++++++++++
1 file changed, 36 insertions(+)
--
2.7.4
More information about the kernel-team
mailing list