| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
We need USB ETH dongle support for board management.
Signed-off-by: Adrian Calianu <adrian.calianu@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
fix a use-after-free in sys_mq_notify()
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-11176
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
| |
Signed-off-by: Dragos Motrea <Dragos.Motrea@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
Double fetch vulnerability in saa7164_bus_get function
Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-8831
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
w2102.c interacts incorrectly with the CONFIG_VMAP_STACK option
Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-8062
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
Possible double free in stcp_sendmsg() (incorrect fix for CVE-2017-5986)
Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-6353
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
net: Improper lock dropping in the hashbin_delete function
Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-6348
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
llc: skb->sk set without skb->destructor
Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-6345
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
ipv4/tcp: Infinite loop in tcp_splice_read()
Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-6214
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
Reachable BUG_ON from userspace in sctp_wait_for_sndbuf
Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-5986
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
ipv4: Invalid IP options could cause skb->dst drop
Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-5970
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
Shmat allows mmap null page protection bypass
Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-5669
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
vc4: Heap-buffer overflow due to failing checks
Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-5577
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
S_ISGD is not cleared when setting posix ACLs in tmpfs (CVE-2016-7097 incomplete fix)
Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-5551
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
EXT4 memory corruption / SLAB out-of-bounds read
Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-10208
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
smbencrypt() points a scatterlist to the stack causing DoS
Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-10154
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
nfsd: Incorrect handling of long RPC replies
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7645
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
Infinite recursion in ahash.c by triggering EBUSY on a full queue
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7618
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
rtl8150.c interacts incorrectly with the CONFIG_VMAP_STACK option
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8069
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
pegasus.c interacts incorrectly with the CONFIG_VMAP_STACK option
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8068
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
virtio_console.c interacts incorrectly with the CONFIG_VMAP_STACK option
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8067
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
gs_usb.c interacts incorrectly with the CONFIG_VMAP_STACK option
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8066
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
dvb_usb_core.c interacts incorrectly with the CONFIG_VMAP_STACK option
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8064
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
kernel: cxusb.c interacts incorrectly with the CONFIG_VMAP_STACK option
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8063
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes an issue in the size of the stack guard page on Linux,
specifically a 4k stack guard page is not sufficiently large
and can be "jumped" over (the stack guard page is bypassed),
this affects Linux Kernel versions 4.11.5 and earlier.
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-1000364
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-1000364
https://blogs.oracle.com/wim/cve-2017-1000364
Upstream patch
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=v4.9.50&id=cfc0eb403816c5c4f9667d959de5e22789b5421e
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
call ipxitf_put() in ioctl error path
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-7487
Upstream patch
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=v4.9.50&id=820adccd0e3be9bdd2384ca8fc4712108cfdf28b
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
| |
Signed-off-by: Adrian Calianu <adrian.calianu@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
guest kernel is based on cavium kernel source tree as the one
for host but we need a seprate recipe so we can append
different kernel configurations for guest.
Signed-off-by: Adrian Calianu <adrian.calianu@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|