[PATCH 0/1][SRU][B/C/D/Unstable] CVE-2019-8912 - AF_* use after free
Tyler Hicks
tyhicks at canonical.com
Wed Feb 27 11:13:39 UTC 2019
https://people.canonical.com/~ubuntu-security/cve/?cve=CVE-2019-8912
CVE-2019-8912 was assigned for a use-after-free vulnerability in the AF_ALG
implementation. However, that issue affects additional network families and now
there is a more generic fix available.
Since we have already applied the AF_ALG fix, it is worth noting that it is fine to have the AF_ALG fix and this more generic fix both applied.
Clean cherry pick of the fix. I smoke tested a kernel build in a Bionic VM.
Tyler
Eric Biggers (1):
net: socket: set sock->sk to NULL after calling proto_ops::release()
net/socket.c | 1 +
1 file changed, 1 insertion(+)
--
2.7.4
More information about the kernel-team
mailing list