Hi, On Mon, Aug 29, 2016 at 01:08:45AM -0400, Neal P. Murphy wrote: > On Mon, 29 Aug 2016 03:43:15 +0000 > Mark Fletcher <mark2...@gmail.com> wrote: > > > Version 4.7 of the kernel contains a fix, which only required changes to > > one source file, so I assume it's a question of back porting that fix into > > the Jessie version of the kernel. I might take a look at trying that and > > submit a patch if I can get it to work. (Now watch me trip over a dozen > > issues I didn't think of when I try this) > > Greg K-H backported the fix(es) to 3.14.76. And a fix to the fix in > 3.14.77. And Ben H. has the patch in 3.16.37, which is likely closer > to what you need). The patches involve increasing the limit to 1000 > ± some random factor, and per-socket rate limiting. It shouldn't be > *too* difficult to backport that patch to Debian's kernel.
The issue is already been worked on by Ben for all versions in sid, jessie (and wheezy lts): sid: https://anonscm.debian.org/cgit/kernel/linux.git/commit/?h=sid&id=7184d7bfd94443b6403d71da639ec390224af594 (but then later just used as with 4.7.2 uploaded yesterday). jessie: https://anonscm.debian.org/cgit/kernel/linux.git/commit/?h=jessie-security&id=1bd5c3370523e5846019361b33a97c754db76f8d wheezy: https://anonscm.debian.org/cgit/kernel/linux.git/commit/?h=wheezy-security&id=f383788fb866fc61daf26836bccd92ebf7a6f02f HTH, Regards, Salvatore
