APPLIED[T]: [Trusty][SRU][PATCH 0/1] Fix for CVE-2017-0627
Stefan Bader
stefan.bader at canonical.com
Wed May 23 14:53:39 UTC 2018
On 08.05.2018 09:57, Po-Hsu Lin wrote:
> According to our CVE matrix, only Trusty needs this patch.
>
> An extra check to validate the user-provided bit-size and offset was added in
> this patch to fix this CVE issue.
>
> Guenter Roeck (1):
> media: uvcvideo: Prevent heap overflow when accessing mapped controls
>
> drivers/media/usb/uvc/uvc_ctrl.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
Applied to trusty master-next.
-Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20180523/09c17a77/attachment.sig>
More information about the kernel-team
mailing list