| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Unix sockets use after free - peer_wait_queue prematurely freed
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7446
References to upstream patch:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=5c77e26862ce604edea05b3442ed765e9756fe0f
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes possible use-after-free vulnerability in keyring facility.
Introduced by:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/
?id=3a50597de8635cd05133bd12c95681c82fe7b878
References:
http://perception-point.io/2016/01/14/analysis-and-exploitation-of-
a-linux-kernel-vulnerability-cve-2016-0728/
https://bugzilla.redhat.com/show_bug.cgi?id=1297475
Red Hat KCS article:
https://access.redhat.com/articles/2131021
Patch is taken from:
https://bugzilla.redhat.com/attachment.cgi?id=1116563
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes NULL pointer dereference in USB WhiteHEAT serial.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5257
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=44f73be485f66dfeca7c6a5e334a7a11b97a4151
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes vhost fd leak in ioctl VHOST_SET_LOG_FD
References:
===========
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6252
http://www.openwall.com/lists/oss-security/2015/08/18/3
Upstream fix:
=============
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes Race condition when sending message on unbound socket causing NULL
pointer dereference.
CVE-2015-7990 is a complete fix for CVE-2015-6937.
References:
https://lkml.org/lkml/2015/10/16/530
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7990
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes NULL pointer dereference in net/rds/connection.c
Upstream patch:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/
?id=74e98eb085889b0d2d4908f59f6e00026063014f
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6937
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|