CVE-2016-3134 netfilter: missing bounds check in ipt_entry struct (rhbz 1317383 1317384)

author: Josh Boyer <jwboyer@fedoraproject.org> 2016-03-14 08:50:20 -0400
committer: Josh Boyer <jwboyer@fedoraproject.org> 2016-03-14 08:50:23 -0400
commit: d960d841dc566f8eb37b77b6b98725723c1f831e (patch)
tree: aae1a934391abfaa91d257760a6e0d30dcd0d0a6 /kernel.spec
parent: 207186fa3fe6e392a0e06e8ab5159f39e9702b61 (diff)
download: kernel-d960d841dc566f8eb37b77b6b98725723c1f831e.tar.gz
kernel-d960d841dc566f8eb37b77b6b98725723c1f831e.tar.xz
kernel-d960d841dc566f8eb37b77b6b98725723c1f831e.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/kernel.spec b/kernel.spec
index 5660ec87e..07fae14c6 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -631,6 +631,9 @@ Patch663: USB-serial-ftdi_sio-Add-support-for-ICP-DAS-I-756xU-.patch
 #CVE-2016-3135 rhbz 1317386 1317387
 Patch664: netfilter-x_tables-check-for-size-overflow.patch
 
+#CVE-2016-3134 rhbz 1317383 1317384
+Patch665: netfilter-x_tables-deal-with-bogus-nextoffset-values.patch
+
 # END OF PATCH DEFINITIONS
 %endif
 
@@ -2075,6 +2078,7 @@ fi
 # 
 %changelog
 * Mon Mar 14 2016 Josh Boyer <jwboyer@fedoraproject.org>
+- CVE-2016-3134 netfilter: missing bounds check in ipt_entry struct (rhbz 1317383 1317384)
 - CVE-2016-3135 netfilter: size overflow in x_tables (rhbz 1317386 1317387)
 
 * Fri Mar 11 2016 Josh Boyer <jwboyer@fedoraproject.org>
author	Josh Boyer <jwboyer@fedoraproject.org>	2016-03-14 08:50:20 -0400
committer	Josh Boyer <jwboyer@fedoraproject.org>	2016-03-14 08:50:23 -0400
commit	d960d841dc566f8eb37b77b6b98725723c1f831e (patch)
tree	aae1a934391abfaa91d257760a6e0d30dcd0d0a6 /kernel.spec
parent	207186fa3fe6e392a0e06e8ab5159f39e9702b61 (diff)
download	kernel-d960d841dc566f8eb37b77b6b98725723c1f831e.tar.gz kernel-d960d841dc566f8eb37b77b6b98725723c1f831e.tar.xz kernel-d960d841dc566f8eb37b77b6b98725723c1f831e.zip