| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes an information leak from getsockname in the linux-yocto 3.14.
References:
===========
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8569
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8569
Reference to the upstream fixes:
===============================
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=0b21a04d1ff604297995fe4a21bde8ba7333d42c
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes an information leak from getsockname in the linux-qoriq 3.12.
References:
===========
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8569
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8569
Reference to the upstream fixes:
===============================
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=d470ffbe3fe914d176ced4cf330a297c523c5711
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes denial of service when destroying a network interface
(in the linux qoriq-3.12).
Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-3156
Reference to the upstream patch:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=5cc4ff312ac06ee4c49801f5b288c1118c3e5785
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes double-free in usb-audio triggered by invalid USB descriptor
(in the linux-yocto-3.14).
Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-2384
Reference to the upstream patch:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=05dd81eafd796a5f1db09cc9fe2bff44cfd56dfe
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes double-free in usb-audio triggered by invalid USB descriptor
(in the linux-qoriq-3.12).
Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-2384
Reference to the upstream patch:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=563b627dbd698b2ae2f385718f1682ec20a51119
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes an open race in ALSA timer ioctls (in the linux-yocto-3.14).
This flaw may lead to a use-after-free of timer instance object.
Upstream patch:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=7510c77227536d85013016289c96dd1fe212db77
References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-2546
http://seclists.org/oss-sec/2016/q1/133
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes an open race in ALSA timer ioctls (in the linux-qoriq-3.12).
This flaw may lead to a use-after-free of timer instance object.
Upstream patch:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=7210b17187111e20afca4b4e30a31fa13c71a61b
References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-2546
http://seclists.org/oss-sec/2016/q1/133
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Unix sockets use after free - peer_wait_queue prematurely freed
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7446
References to upstream patches
3.12:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=9964b4c4ee925b2910723e509abd7241cff1ef84
3.14:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=9d054f57adc981a5f503d5eb9b259aa450b90dc5
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes use-after-free leading to local privilege escalation.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3636
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=8a9a51ba2eff62e1a899daad7b623becfed8f3f1
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Huimin She <huimin.she@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes denial of service (DoS) attack against IPv6 network
stacks due to improper handling of Router Advertisements.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2922
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=ac12ff18b11259e10c2d543aa58c73ff88a68e77
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Huimin She <huimin.she@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes a flaw in the Linux kernel's vhost driver.
A privileged local user with access to the /dev/vhost-net
files could use this flaw to create a denial-of-service attack.
References:
===========
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6252
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-6252
http://www.openwall.com/lists/oss-security/2015/08/18/3
Upstream patch:
===============
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=a5b3343b05e58b8f8ce7481426f89c048229b50d
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes a bug in the scsi block request handling code in
function start_req().
References:
===========
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5707
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5707
http://www.openwall.com/lists/oss-security/2015/08/01/6
Upstream patch:
===============
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=aba300b9c26f063efcaee374e54264c79a611f22
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes information handling flaw in rds sysctl files.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2042
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=b4482b533bfb54232f31d72c8ab70c1400385040
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes a race condition flaw in the Linux kernel's IPC subsystem.
Upstream patch:
https://github.com/torvalds/linux/commit/b9a532277938
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7613
http://seclists.org/oss-sec/2015/q4/7
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Paul Vaduva <Paul.Vaduva@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes a buffer overflow flaw in the Linux kernel's virtio-net subsystem.
Upstream patch:
http://marc.info/?l=linux-netdev&m=143868216724068&w=2
References:
http://www.openwall.com/lists/oss-security/2015/08/06/1
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5156
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Paul Vaduva <Paul.Vaduva@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes a flaw which was found in the way the Linux kernel's file system
implementation handled rename operations in which the source was inside
and the destination was outside of a bind mount.
A privileged user inside a container could use this flaw to escape the bind
mount and, potentially, escalate their privileges on the system.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2925
http://www.openwall.com/lists/oss-security/2015/04/03/7
Reference to the upstream fixes:
vfs: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/
commit/?id=397d425dc26da728396e66d392d5dcb8dac30c37
dcache: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/
commit/?id=cde93be45a8a90d8c264c776fab63487b5038a65
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Paul Vaduva <Paul.Vaduva@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes possible use-after-free vulnerability in keyring facility.
Introduced by:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/
?id=3a50597de8635cd05133bd12c95681c82fe7b878
References:
http://perception-point.io/2016/01/14/analysis-and-exploitation-of-
a-linux-kernel-vulnerability-cve-2016-0728/
https://bugzilla.redhat.com/show_bug.cgi?id=1297475
Red Hat KCS article:
https://access.redhat.com/articles/2131021
Patch is taken from:
https://bugzilla.redhat.com/attachment.cgi?id=1116563
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes NULL pointer dereference in USB WhiteHEAT serial.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5257
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=fe6689e03318d5745d88328395fd326e08238533
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
| |
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes a race condition flaw in the Linux kernel keys management.
A local attacker could attempt accessing a key while it was being
garbage collected, which would cause the system to crash.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9529
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=cf69173f59163182c12e0ecbda52721397468763
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Paul Vaduva <Paul.Vaduva@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes a flaw in the Linux kernel's netfilter subsystem.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8160
Upstrem fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=efbf300ed821a533c3af71b1b122227febc28142
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Paul Vaduva <Paul.Vaduva@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes lack of generic write checks.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7822
Upstrem fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=b292fc7723b66d9796ae550b284223d95019ac44
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Paul Vaduva <Paul.Vaduva@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes an inode data validation error in the Linux kernel
built with UDF file system (CONFIG_UDF_FS) support.
An attacker able to mount a corrupted/malicious UDF file
system image could cause the kernel to crash.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4167
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=34820fc89c5e635b7381e4060931ca30a63d110a
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes use-after-free leading to local privilege escalation.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3636
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=f493b53864236c924b61ef3ccbb759ac46419a32
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes denial of service (DoS) attack against IPv6 network
stacks due to improper handling of Router Advertisements.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2922
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=01f69adac109867f892f12057660d891b34182f6
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes information handling flaw in rds sysctl files.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2042
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=2a9eb844a4c126b7e975a086f99f35699e88c011
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes DoS due to routing packets to too many different
dsts/too fast.
A remote attacker can use this flaw to crash the system.
References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-1465
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1465
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=ee6db0ad53c9805d31bd1b0b7c9ea901407dfc19
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes a flaw in the Linux kernel's vhost driver.
A privileged local user with access to the /dev/vhost-net
files could use this flaw to create a denial-of-service attack.
References:
===========
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6252
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-6252
http://www.openwall.com/lists/oss-security/2015/08/18/3
Upstream patch:
===============
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes an information leak in md driver.
References:
===========
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5697
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5697
http://www.openwall.com/lists/oss-security/2015/07/28/2
Upstream patch:
===============
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=adbbaa36dd55ff0bde07391d898779760b5206df
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes a bug in the scsi block request handling code in
function start_req().
References:
===========
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5707
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5707
http://www.openwall.com/lists/oss-security/2015/08/01/6
Upstream patch:
===============
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=08ac1787579cb8bd9e7333836269e76801905597
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes double fput().
References:
===========
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5706
CVE assignment: http://seclists.org/oss-sec/2015/q3/270
Upstream/original fix:
======================
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=88b4f377466cb673777d27693acf70108a908106
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes race condition between chown() and execve() system calls in the
linux-yocto 3.14 version.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3339
http://seclists.org/oss-sec/2015/q2/216
Upstream fix:
ihttps://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=de70236fbe30749fb8c317088c16a97e700fe232
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix slab corruption from use after free on INIT collisions.
Fix for linux-yocto 3.14.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1421
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/
?id=43e39c2f63240f67a67b4060882f67dac1a6f339
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Huimin She <huimin.she@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix slab corruption from use after free on INIT collisions
Fix for linux-qoriq 3.12.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1421
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/
?id=43e39c2f63240f67a67b4060882f67dac1a6f339
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Huimin She <huimin.she@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes buffer overflow in ioctl.
Fix for linux-qoriq 3.12.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8884
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/
?id=482c6cb2dfb40838d67b0ba844b4b3d0af0f3d20
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Huimin She <huimin.she@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prevent integer overflow in ib_umem_get address arithmetic
Fix for linux-yocto_3.14.
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/log/
?id=refs%2Ftags%2Fv3.12.51&qt=grep&q=CVE-2014-8159
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Huimin She <huimin.she@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prevent integer overflow in ib_umem_get address arithmetic
Fix for linux-qoriq 3.12.
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/log/
?id=refs%2Ftags%2Fv3.12.51&qt=grep&q=CVE-2014-8159
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Huimin She <huimin.she@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
try_to_unmap_cluster() should lock_page() before mlocking
Reference
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3122
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes information leak in llc2_timeout_table.
References:
http://www.openwall.com/lists/oss-security/2015/02/20/19
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2041
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
commit/?id=ecca64226ce2960280921e09ae33e90f82b5c408
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
| |
This fixes incorrect processing of checksums in UDP implementation
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes denial of service due to memory leak in add_key()
References:
http://www.openwall.com/lists/oss-security/2015/07/27/7
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1333
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/
linux-stable.git/commit/?id=4fd5dc9eece297f49f16f82422ead3a28b11ea70
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|