[kernel-sec-discuss] r5216 - retired
Ben Hutchings
benh at moszumanska.debian.org
Mon Apr 24 17:13:41 UTC 2017
Author: benh
Date: 2017-04-24 17:13:40 +0000 (Mon, 24 Apr 2017)
New Revision: 5216
Modified:
retired/CVE-2017-6345
Log:
Fix notes in Bugs field
Modified: retired/CVE-2017-6345
===================================================================
--- retired/CVE-2017-6345 2017-04-24 04:58:56 UTC (rev 5215)
+++ retired/CVE-2017-6345 2017-04-24 17:13:40 UTC (rev 5216)
@@ -1,12 +1,12 @@
Description: net/llc: avoid BUG_ON() in skb_orphan()
References:
Notes:
-Bugs:
bwh> The upstream commit refers to an added assertion in 3.12, but the
bwh> purpose of that assertion was to catch potential UAF cases so I
bwh> assume this bug could result in a UAF in 3.2. Note that this bug
bwh> is in the obscure llc2 module, not the basic llc support used by
bwh> some other protocols.
+Bugs:
upstream: released (4.10) [8b74d439e1697110c5e5c600643e823eb1dd0762]
4.9-upstream-stable: released (4.9.13) [42b52783a59cc706c71cdc7096edce4a6f086fd3]
3.16-upstream-stable: released (3.16.42) [net-llc-avoid-bug_on-in-skb_orphan.patch]
More information about the kernel-sec-discuss
mailing list