net-sctp: CVE-2014-3673, CVE-2014-3687, CVE-2014-3688

CVE-2014-3673
skb_over_panic when receiving malformed ASCONF chunks
Fixes: b896b82be4ae ("[SCTP] ADDIP: Support for processing incoming ASCONF_ACK
chunks.")

CVE-2014-3687
panic on duplicate ASCONF chunks
Fixes: 2e3216cd54b1 ("sctp: Follow security requirement of responding with 1
packet")

CVE-2014-3688
remote memory pressure from excessive queueing
Fixes: 2e3216cd54b1 ("sctp: Follow security requirement of responding with 1
packet")

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3688
http://www.openwall.com/lists/oss-security/2014/11/13/8

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>

1 files changed, 3 insertions, 0 deletions

diff --git a/recipes-kernel/linux/linux-qoriq_3.12.bb b/recipes-kernel/linux/linux-qoriq_3.12.bb
index 5993b59..9665632 100644
--- a/recipes-kernel/linux/linux-qoriq_3.12.bb
+++ b/recipes-kernel/linux/linux-qoriq_3.12.bb
@@ -19,6 +19,9 @@ SRC_URI = "git://git.freescale.com/ppc/sdk/linux.git;nobranch=1 \
     file://0004-USB-CVE-2014-3185.patch \
     file://0001-kvm-iommu-CVE-2014-3601.patch \
     file://0002-kvm-iommu-CVE-2014-8369.patch \
+    file://0001-net-sctp-CVE-2014-3673.patch \
+    file://0002-net-sctp-CVE-2014-3687.patch \
+    file://0003-net-sctp-CVE-2014-3688.patch \
 "
 SRCREV = "6619b8b55796cdf0cec04b66a71288edd3057229"