APPLIED(B,C): [PATCH 0/1][SRU][B/C/D/Unstable] CVE-2019-8912 - AF_* use after free
Khaled Elmously
khalid.elmously at canonical.com
Wed Feb 27 22:41:37 UTC 2019
On 2019-02-27 11:13:39 , Tyler Hicks wrote:
> https://people.canonical.com/~ubuntu-security/cve/?cve=CVE-2019-8912
>
> CVE-2019-8912 was assigned for a use-after-free vulnerability in the AF_ALG
> implementation. However, that issue affects additional network families and now
> there is a more generic fix available.
>
> Since we have already applied the AF_ALG fix, it is worth noting that it is fine to have the AF_ALG fix and this more generic fix both applied.
>
> Clean cherry pick of the fix. I smoke tested a kernel build in a Bionic VM.
>
> Tyler
>
> Eric Biggers (1):
> net: socket: set sock->sk to NULL after calling proto_ops::release()
>
> net/socket.c | 1 +
> 1 file changed, 1 insertion(+)
>
> --
> 2.7.4
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list