[PATCH] CVE-2011-2517
Stefan Bader
stefan.bader at canonical.com
Tue Oct 11 14:33:07 UTC 2011
On 11.10.2011 11:28, Paolo Pisati wrote:
> CVE-2011-2517:
> Buffer overflow flaws in the Linux kernel's netlink-based wireless
> configuration interface implementation could allow a local user,
> who has the CAP_NET_ADMIN capability, to cause a denial of service
> or escalate their privileges on systems that have an active wireless
> interface.
>
> The CVE advisory mentions two commits (208c72f4fe44fe09577e7975ba0e7fa0278f3d03
> and 57a27e1d6a3bb9ad4efeebd3a8c71156d6207536) but the second one supersedes the
> first one, so I picked and adapted that.
>
> Following this email are 3 patches for lucid/master, lucid/fsl-imx51 and
> another one for maverick/[master|ti-omap4], natty/[master|ti-omap4].
> Lucid/[ec2|mvl-dove] and maverick/mvl-dove will get it after the next rebase.
>
> Paolo Pisati (1):
> nl80211: fix overflow in ssid_len - CVE-2011-2517
>
> net/wireless/nl80211.c | 4 ++--
> 1 files changed, 2 insertions(+), 2 deletions(-)
>
Seems the CVE number is missing in the commit text. Also the subjects of the
patches do not say which release they are for (is the patch actually
different? otherwise sending it once would be enough).
And one suggestion about the placement of buglink, cve number and commit
reference. I have been changing to put those after the previous sign off by
block and then adding my sign off. That way there is also a sort of timeline of
actions...
-Stefan