CVE-2016-3134 netfilter: missing bounds check in ipt_entry struct (rhbz 1317383 1317384)

author: Josh Boyer <jwboyer@fedoraproject.org> 2016-03-14 08:50:20 -0400
committer: Josh Boyer <jwboyer@fedoraproject.org> 2016-03-14 08:51:16 -0400
commit: b653e2ee310ecdf59dbbac651db45a44eee5dcb1 (patch)
tree: 429731214dbd12d13abfb7abf985636363eec68d /kernel.spec
parent: 835b170e9cd2ebb2a448b8bb26c53eb5cb3da120 (diff)
download: kernel-b653e2ee310ecdf59dbbac651db45a44eee5dcb1.tar.gz
kernel-b653e2ee310ecdf59dbbac651db45a44eee5dcb1.tar.xz
kernel-b653e2ee310ecdf59dbbac651db45a44eee5dcb1.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/kernel.spec b/kernel.spec
index dea176571..bd8bd6e5b 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -619,6 +619,9 @@ Patch663: USB-serial-ftdi_sio-Add-support-for-ICP-DAS-I-756xU-.patch
 #CVE-2016-3135 rhbz 1317386 1317387
 Patch664: netfilter-x_tables-check-for-size-overflow.patch
 
+#CVE-2016-3134 rhbz 1317383 1317384
+Patch665: netfilter-x_tables-deal-with-bogus-nextoffset-values.patch
+
 # END OF PATCH DEFINITIONS
 
 %endif
@@ -2141,6 +2144,7 @@ fi
 # 
 %changelog
 * Mon Mar 14 2016 Josh Boyer <jwboyer@fedoraproject.org>
+- CVE-2016-3134 netfilter: missing bounds check in ipt_entry struct (rhbz 1317383 1317384)
 - CVE-2016-3135 netfilter: size overflow in x_tables (rhbz 1317386 1317387)
 
 * Fri Mar 11 2016 Josh Boyer <jwboyer@fedoraproject.org>
author	Josh Boyer <jwboyer@fedoraproject.org>	2016-03-14 08:50:20 -0400
committer	Josh Boyer <jwboyer@fedoraproject.org>	2016-03-14 08:51:16 -0400
commit	b653e2ee310ecdf59dbbac651db45a44eee5dcb1 (patch)
tree	429731214dbd12d13abfb7abf985636363eec68d /kernel.spec
parent	835b170e9cd2ebb2a448b8bb26c53eb5cb3da120 (diff)
download	kernel-b653e2ee310ecdf59dbbac651db45a44eee5dcb1.tar.gz kernel-b653e2ee310ecdf59dbbac651db45a44eee5dcb1.tar.xz kernel-b653e2ee310ecdf59dbbac651db45a44eee5dcb1.zip