[SRU][Trusty][Artful][PATCH 0/1] Fix for CVE-2017-17806
Kleber Sacilotto de Souza
kleber.souza at canonical.com
Thu Feb 1 16:06:09 UTC 2018
https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-17806.html
Clean cherry-pick for Trusty and Artful, fix for Xenial is queued as part of
stable update to 4.4.107.
I was able to reproduce the bug with the reproducer from the commit message
but only with Artful kernel. The bug seems to be a real issue only after
SHA-3 support was added (requires CONFIG_CRYPTO_SHA3), which was done on
v4.8-rc1, so in theory only Artful and later series are affected. But anyway
I believe it's valid to fix this bug on Trusty (and Xenial).
Eric Biggers (1):
crypto: hmac - require that the underlying hash algorithm is unkeyed
crypto/hmac.c | 6 +++++-
crypto/shash.c | 5 +++--
include/crypto/internal/hash.h | 8 ++++++++
3 files changed, 16 insertions(+), 3 deletions(-)
--
2.14.1
More information about the kernel-team
mailing list