APPLIED: [SRU][Bionic][PATCH 0/2] irda fixes for CVE-2018-6554 and CVE-2018-6555
Kleber Souza
kleber.souza at canonical.com
Wed Sep 5 10:33:40 UTC 2018
On 09/04/18 17:10, Tyler Hicks wrote:
> Memory leak in the irda_bind function in net/irda/af_irda.c and later
> in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17
> allows local users to cause a denial of service (memory consumption) by
> repeatedly binding an AF_IRDA socket. (CVE-2018-6554)
>
> The irda_setsockopt function in net/irda/af_irda.c and later in
> drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17
> allows local users to cause a denial of service (ias_object
> use-after-free and system crash) or possibly have unspecified other
> impact via an AF_IRDA socket. (CVE-2018-6555)
>
> Tyler
>
>
Applied to bionic/master-next branch.
Thanks,
Kleber
More information about the kernel-team
mailing list