[PATCH 0/1][C] CVE-2018-5391 - Mitigation for FragmentSmack

Tyler Hicks tyhicks at canonical.com
Tue Oct 2 17:29:52 UTC 2018


This patch revert mitigates FragmentSmack in Cosmic to match the mitigation
that we have in place in older Ubuntu kernels.

In the near future, we'll want to backport a series of upstream patches that
uses rb trees for the IP fragment queue but, due to how close we are to the
18.10 release, it is best if we simply mitigate the vulnerability with this
patch revert.


More information about the kernel-team mailing list