ACK: [SRU][X/T][PATCH 0/2] irda fixes for CVE-2018-6554 and CVE-2018-6555
Kamal Mostafa
kamal at canonical.com
Tue Sep 4 15:47:51 UTC 2018
Acked-by: Kamal Mostafa <kamal at canonical.com>
(two patches)
-Kamal
On Tue, Sep 04, 2018 at 03:12:15PM +0000, Tyler Hicks wrote:
> Memory leak in the irda_bind function in net/irda/af_irda.c and later
> in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17
> allows local users to cause a denial of service (memory consumption) by
> repeatedly binding an AF_IRDA socket. (CVE-2018-6554)
>
> The irda_setsockopt function in net/irda/af_irda.c and later in
> drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17
> allows local users to cause a denial of service (ias_object
> use-after-free and system crash) or possibly have unspecified other
> impact via an AF_IRDA socket. (CVE-2018-6555)
>
> Tyler
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list