[Kernel-packages] [Bug 1685892] Re: macsec: avoid heap overflow in skb_to_sgvec

Wed, 26 Apr 2017 15:26:06 -0700 

This issue needs a second patch applied:
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=5294b83086cc1c35b4efeca03644cf9d12282e5b

(http://www.openwall.com/lists/oss-security/2017/04/26/8)

It was assigned CVE-2017-7477 (http://www.openwall.com/lists/oss-
security/2017/04/25/7)

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-7477

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1685892

Title:
  macsec: avoid heap overflow in skb_to_sgvec

Status in linux package in Ubuntu:
  New
Status in linux-hwe package in Ubuntu:
  New
Status in linux source package in Xenial:
  Invalid
Status in linux-hwe source package in Xenial:
  New
Status in linux source package in Yakkety:
  New
Status in linux-hwe source package in Yakkety:
  Invalid
Status in linux source package in Zesty:
  New
Status in linux-hwe source package in Zesty:
  Invalid

Bug description:
  Please apply
  
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=4d6fa57b4dab0d77f4d8e9d9c73d1e63f6fe8fee

  (See also http://www.openwall.com/lists/oss-security/2017/04/24/4 )

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1685892/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to