Re: Patch for CVE-2016-0774 missing from stable 3.4 and 3.10 kernels

From: Willy Tarreau
Date: Sat Jun 04 2016 - 07:33:34 EST

Next message: Zhangjian (Bamvor): "Re: [PATCH 21/23] arm64: ilp32: introduce ilp32-specific handlers for sigframe and ucontext"
Previous message: Hugh SipiÃre: "[PATCH] drivers: ssb: Fix comments to suit coding style"
Next in thread: Greg KH: "Re: Patch for CVE-2016-0774 missing from stable 3.4 and 3.10 kernels"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

On Mon, Mar 28, 2016 at 04:53:48PM -0700, Jeffrey Vander Stoep wrote:
> https://lkml.org/lkml/2016/2/23/812 "pipe: Fix buffer offset after
> partially failed read" is missing from the stable 3.4.y and 3.10.y
> kernels. It has been included in 3.2.y and 3.14.y.
>
> I am able to cause a kernel panic without this patch.

Just a heads up on this one, it is *not* included in 3.14 as of 3.14.71.
It's in 3.2 and 3.4 however. Greg, you can pick commit feae3ca2e5e1a
from kernel 3.2, it will apply with an offset.

Regards,
Willy

Next message: Zhangjian (Bamvor): "Re: [PATCH 21/23] arm64: ilp32: introduce ilp32-specific handlers for sigframe and ucontext"
Previous message: Hugh SipiÃre: "[PATCH] drivers: ssb: Fix comments to suit coding style"
Next in thread: Greg KH: "Re: Patch for CVE-2016-0774 missing from stable 3.4 and 3.10 kernels"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]