summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* kernel-net-ppp: CVE-2015-8569dizzy-eneaSona Sarmadi2016-06-012-0/+47
| | | | | | | | | | | | | | | | | Fixes an information leak from getsockname in the linux-yocto 3.14. References: =========== https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8569 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8569 Reference to the upstream fixes: =============================== https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=0b21a04d1ff604297995fe4a21bde8ba7333d42c Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* kernel-net-ppp: CVE-2015-8569Sona Sarmadi2016-06-012-0/+47
| | | | | | | | | | | | | | | | | Fixes an information leak from getsockname in the linux-qoriq 3.12. References: =========== https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8569 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8569 Reference to the upstream fixes: =============================== https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=d470ffbe3fe914d176ced4cf330a297c523c5711 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* kernel-ipv4: CVE-2016-3156Sona Sarmadi2016-04-152-0/+136
| | | | | | | | | | | | | | | Fixes denial of service when destroying a network interface (in the linux qoriq-3.12). Reference: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-3156 Reference to the upstream patch: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=5cc4ff312ac06ee4c49801f5b288c1118c3e5785 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* kernel-ALSA: CVE-2016-2384Sona Sarmadi2016-04-152-0/+41
| | | | | | | | | | | | | | | Fixes double-free in usb-audio triggered by invalid USB descriptor (in the linux-yocto-3.14). Reference: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-2384 Reference to the upstream patch: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=05dd81eafd796a5f1db09cc9fe2bff44cfd56dfe Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* kernel-ALSA: CVE-2016-2384Sona Sarmadi2016-04-152-0/+41
| | | | | | | | | | | | | | | Fixes double-free in usb-audio triggered by invalid USB descriptor (in the linux-qoriq-3.12). Reference: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-2384 Reference to the upstream patch: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=563b627dbd698b2ae2f385718f1682ec20a51119 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* kernel/ALSA: CVE-2016-2546Sona Sarmadi2016-04-052-0/+129
| | | | | | | | | | | | | | | Fixes an open race in ALSA timer ioctls (in the linux-yocto-3.14). This flaw may lead to a use-after-free of timer instance object. Upstream patch: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=7510c77227536d85013016289c96dd1fe212db77 References: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-2546 http://seclists.org/oss-sec/2016/q1/133 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* kernel/ALSA: CVE-2016-2546Sona Sarmadi2016-04-052-0/+129
| | | | | | | | | | | | | | | Fixes an open race in ALSA timer ioctls (in the linux-qoriq-3.12). This flaw may lead to a use-after-free of timer instance object. Upstream patch: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=7210b17187111e20afca4b4e30a31fa13c71a61b References: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-2546 http://seclists.org/oss-sec/2016/q1/133 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* net-unix: CVE-2013-7446Sona Sarmadi2016-03-174-0/+678
| | | | | | | | | | | | | | | | | Unix sockets use after free - peer_wait_queue prematurely freed Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7446 References to upstream patches 3.12: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=9964b4c4ee925b2910723e509abd7241cff1ef84 3.14: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=9d054f57adc981a5f503d5eb9b259aa450b90dc5 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* kernel-ipv4: CVE-2015-3636Sona Sarmadi2016-03-102-0/+40
| | | | | | | | | | | | | | Fixes use-after-free leading to local privilege escalation. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3636 Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=8a9a51ba2eff62e1a899daad7b623becfed8f3f1 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Huimin She <huimin.she@enea.com>
* kernel-ipv6: CVE-2015-2922Sona Sarmadi2016-03-102-0/+56
| | | | | | | | | | | | | | | Fixes denial of service (DoS) attack against IPv6 network stacks due to improper handling of Router Advertisements. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2922 Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=ac12ff18b11259e10c2d543aa58c73ff88a68e77 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Huimin She <huimin.she@enea.com>
* vhost driver: CVE-2015-6252Sona Sarmadi2016-02-102-0/+40
| | | | | | | | | | | | | | | | | | | | Fixes a flaw in the Linux kernel's vhost driver. A privileged local user with access to the /dev/vhost-net files could use this flaw to create a denial-of-service attack. References: =========== https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6252 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-6252 http://www.openwall.com/lists/oss-security/2015/08/18/3 Upstream patch: =============== https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=a5b3343b05e58b8f8ce7481426f89c048229b50d Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* drivers-scsi: CVE-2015-5707Sona Sarmadi2016-02-102-0/+46
| | | | | | | | | | | | | | | | | | | Fixes a bug in the scsi block request handling code in function start_req(). References: =========== https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5707 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5707 http://www.openwall.com/lists/oss-security/2015/08/01/6 Upstream patch: =============== https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=aba300b9c26f063efcaee374e54264c79a611f22 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* kernel-rds: CVE-2015-2042Sona Sarmadi2016-02-102-0/+49
| | | | | | | | | | | | | | Fixes information handling flaw in rds sysctl files. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2042 Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=b4482b533bfb54232f31d72c8ab70c1400385040 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* ipc: CVE-2015-7613Sona Sarmadi2016-01-284-0/+246
| | | | | | | | | | | | | | Fixes a race condition flaw in the Linux kernel's IPC subsystem. Upstream patch: https://github.com/torvalds/linux/commit/b9a532277938 References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7613 http://seclists.org/oss-sec/2015/q4/7 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Paul Vaduva <Paul.Vaduva@enea.com>
* virtio-net: CVE-2015-5156Sona Sarmadi2016-01-284-0/+98
| | | | | | | | | | | | | | Fixes a buffer overflow flaw in the Linux kernel's virtio-net subsystem. Upstream patch: http://marc.info/?l=linux-netdev&m=143868216724068&w=2 References: http://www.openwall.com/lists/oss-security/2015/08/06/1 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5156 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Paul Vaduva <Paul.Vaduva@enea.com>
* kernel-vfs: CVE-2015-2925Sona Sarmadi2016-01-276-0/+397
| | | | | | | | | | | | | | | | | | | | | | | Fixes a flaw which was found in the way the Linux kernel's file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a container could use this flaw to escape the bind mount and, potentially, escalate their privileges on the system. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2925 http://www.openwall.com/lists/oss-security/2015/04/03/7 Reference to the upstream fixes: vfs: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/ commit/?id=397d425dc26da728396e66d392d5dcb8dac30c37 dcache: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/ commit/?id=cde93be45a8a90d8c264c776fab63487b5038a65 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Paul Vaduva <Paul.Vaduva@enea.com>
* security-keys: CVE-2016-0728Sona Sarmadi2016-01-222-0/+75
| | | | | | | | | | | | | | | | | | | | | | Fixes possible use-after-free vulnerability in keyring facility. Introduced by: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/ ?id=3a50597de8635cd05133bd12c95681c82fe7b878 References: http://perception-point.io/2016/01/14/analysis-and-exploitation-of- a-linux-kernel-vulnerability-cve-2016-0728/ https://bugzilla.redhat.com/show_bug.cgi?id=1297475 Red Hat KCS article: https://access.redhat.com/articles/2131021 Patch is taken from: https://bugzilla.redhat.com/attachment.cgi?id=1116563 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* usb-whiteheat: CVE-2015-5257Sona Sarmadi2016-01-223-0/+87
| | | | | | | | | | | | | | Fixes NULL pointer dereference in USB WhiteHEAT serial. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5257 Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=fe6689e03318d5745d88328395fd326e08238533 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* intial comit for Enea Linux 5.0-ppcAdrian Dudau2016-01-15117-5440/+989
| | | | Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* keys: CVE-2014-9529Sona Sarmadi2016-01-112-0/+53
| | | | | | | | | | | | | | | | Fixes a race condition flaw in the Linux kernel keys management. A local attacker could attempt accessing a key while it was being garbage collected, which would cause the system to crash. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9529 Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=cf69173f59163182c12e0ecbda52721397468763 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Paul Vaduva <Paul.Vaduva@enea.com>
* netfilter: CVE-2014-8160Sona Sarmadi2016-01-112-0/+99
| | | | | | | | | | | | | | Fixes a flaw in the Linux kernel's netfilter subsystem. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8160 Upstrem fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=efbf300ed821a533c3af71b1b122227febc28142 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Paul Vaduva <Paul.Vaduva@enea.com>
* splice-CVE-2014-7822Sona Sarmadi2016-01-112-0/+79
| | | | | | | | | | | | | | Fixes lack of generic write checks. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7822 Upstrem fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=b292fc7723b66d9796ae550b284223d95019ac44 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Paul Vaduva <Paul.Vaduva@enea.com>
* fs-udf: CVE-2015-4167Sona Sarmadi2016-01-082-0/+56
| | | | | | | | | | | | | | | | | Fixes an inode data validation error in the Linux kernel built with UDF file system (CONFIG_UDF_FS) support. An attacker able to mount a corrupted/malicious UDF file system image could cause the kernel to crash. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4167 Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=34820fc89c5e635b7381e4060931ca30a63d110a Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* kernel-ipv4: CVE-2015-3636Sona Sarmadi2016-01-052-0/+39
| | | | | | | | | | | | | | Fixes use-after-free leading to local privilege escalation. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3636 Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=f493b53864236c924b61ef3ccbb759ac46419a32 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* kernel-ipv6: CVE-2015-2922Sona Sarmadi2016-01-052-0/+55
| | | | | | | | | | | | | | | Fixes denial of service (DoS) attack against IPv6 network stacks due to improper handling of Router Advertisements. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2922 Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=01f69adac109867f892f12057660d891b34182f6 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* kernel-rds: CVE-2015-2042Sona Sarmadi2016-01-052-0/+48
| | | | | | | | | | | | | | Fixes information handling flaw in rds sysctl files. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2042 Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=2a9eb844a4c126b7e975a086f99f35699e88c011 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* kernel-net: CVE-2015-1465Sona Sarmadi2016-01-052-0/+108
| | | | | | | | | | | | | | | | | Fixes DoS due to routing packets to too many different dsts/too fast. A remote attacker can use this flaw to crash the system. References: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-1465 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1465 Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=ee6db0ad53c9805d31bd1b0b7c9ea901407dfc19 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* vhost driver: CVE-2015-6252Sona Sarmadi2015-12-292-0/+34
| | | | | | | | | | | | | | | | | | | | Fixes a flaw in the Linux kernel's vhost driver. A privileged local user with access to the /dev/vhost-net files could use this flaw to create a denial-of-service attack. References: =========== https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6252 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-6252 http://www.openwall.com/lists/oss-security/2015/08/18/3 Upstream patch: =============== https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* md-driver: CVE-2015-5697Sona Sarmadi2015-12-292-0/+56
| | | | | | | | | | | | | | | | | | Fixes an information leak in md driver. References: =========== https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5697 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5697 http://www.openwall.com/lists/oss-security/2015/07/28/2 Upstream patch: =============== https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=adbbaa36dd55ff0bde07391d898779760b5206df Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* drivers-scsi: CVE-2015-5707Sona Sarmadi2015-12-292-0/+45
| | | | | | | | | | | | | | | | | | | Fixes a bug in the scsi block request handling code in function start_req(). References: =========== https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5707 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5707 http://www.openwall.com/lists/oss-security/2015/08/01/6 Upstream patch: =============== https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=08ac1787579cb8bd9e7333836269e76801905597 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* kernel-fs: CVE-2015-5706Sona Sarmadi2015-12-292-0/+46
| | | | | | | | | | | | | | | | | Fixes double fput(). References: =========== https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5706 CVE assignment: http://seclists.org/oss-sec/2015/q3/270 Upstream/original fix: ====================== https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=88b4f377466cb673777d27693acf70108a908106 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* linux-yocto: CVE-2015-3339Sona Sarmadi2015-12-112-0/+123
| | | | | | | | | | | | | | | Fixes race condition between chown() and execve() system calls in the linux-yocto 3.14 version. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3339 http://seclists.org/oss-sec/2015/q2/216 Upstream fix: ihttps://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=de70236fbe30749fb8c317088c16a97e700fe232 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* net-sctp: CVE-2015-1421Sona Sarmadi2015-12-031-0/+1
| | | | | | | | | | | | | | | | Fix slab corruption from use after free on INIT collisions. Fix for linux-yocto 3.14. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1421 Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/ ?id=43e39c2f63240f67a67b4060882f67dac1a6f339 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Huimin She <huimin.she@enea.com>
* net-sctp: CVE-2015-1421Sona Sarmadi2015-12-032-0/+137
| | | | | | | | | | | | | | | | Fix slab corruption from use after free on INIT collisions Fix for linux-qoriq 3.12. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1421 Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/ ?id=43e39c2f63240f67a67b4060882f67dac1a6f339 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Huimin She <huimin.she@enea.com>
* media-ttusb-dec: CVE-2014-8884Sona Sarmadi2015-12-032-0/+36
| | | | | | | | | | | | | | | Fixes buffer overflow in ioctl. Fix for linux-qoriq 3.12. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8884 Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/ ?id=482c6cb2dfb40838d67b0ba844b4b3d0af0f3d20 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Huimin She <huimin.she@enea.com>
* IB/uverbs: CVE-2014-8159Sona Sarmadi2015-12-031-0/+1
| | | | | | | | | | | | Prevent integer overflow in ib_umem_get address arithmetic Fix for linux-yocto_3.14. Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/log/ ?id=refs%2Ftags%2Fv3.12.51&qt=grep&q=CVE-2014-8159 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Huimin She <huimin.she@enea.com>
* IB/uverbs: CVE-2014-8159Sona Sarmadi2015-12-032-0/+51
| | | | | | | | | | | | Prevent integer overflow in ib_umem_get address arithmetic Fix for linux-qoriq 3.12. Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/log/ ?id=refs%2Ftags%2Fv3.12.51&qt=grep&q=CVE-2014-8159 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Huimin She <huimin.she@enea.com>
* linux-qoriq: mm: CVE-2014-3122Sona Sarmadi2015-11-272-1/+101
| | | | | | | | | | try_to_unmap_cluster() should lock_page() before mlocking Reference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3122 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* kernel: net: CVE-2015-2041Sona Sarmadi2015-11-202-0/+63
| | | | | | | | | | | | | | | Fixes information leak in llc2_timeout_table. References: http://www.openwall.com/lists/oss-security/2015/02/20/19 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2041 Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ commit/?id=ecca64226ce2960280921e09ae33e90f82b5c408 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* kernel: CVE-2015-5364, CVE-2015-5366Tudor Florea2015-11-062-1/+67
| | | | | | | This fixes incorrect processing of checksums in UDP implementation Signed-off-by: Tudor Florea <tudor.florea@enea.com> Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* kernel: CVE-2015-1333Sona Sarmadi2015-10-222-0/+53
| | | | | | | | | | | | | | | Fixes denial of service due to memory leak in add_key() References: http://www.openwall.com/lists/oss-security/2015/07/27/7 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1333 Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/stable/ linux-stable.git/commit/?id=4fd5dc9eece297f49f16f82422ead3a28b11ea70 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* initial commit for Enea Linux 5.0 armTudor Florea2015-10-08254-0/+19588
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-06 17:50:01 +0000