CVE-2017-2636 Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release (rhbz 1430049)

author: Laura Abbott <labbott@fedoraproject.org> 2017-03-07 14:59:52 -0800
committer: Laura Abbott <labbott@fedoraproject.org> 2017-03-07 15:02:49 -0800
commit: 5201951170085157d7d499805156c225914dd34a (patch)
tree: de66c5fd83b9ba27ae5ff561e6243fd33d79cdf3 /kernel.spec
parent: ff3f49e499f685591d36072d31f3245d8427a286 (diff)
download: kernel-5201951170085157d7d499805156c225914dd34a.tar.gz
kernel-5201951170085157d7d499805156c225914dd34a.tar.xz
kernel-5201951170085157d7d499805156c225914dd34a.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/kernel.spec b/kernel.spec
index 24d2d5b1f..39d554de2 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -615,6 +615,9 @@ Patch854: kvm-fix-page-struct-leak-in-handle_vmon.patch
 #CVE-2017-6353 rhbz 1428907 1428910
 Patch855: sctp-deny-peeloff-operation-on-asocs-with-threads-sl.patch
 
+# CVE-2017-2636 rhbz 1430049
+Patch668: 0001-tty-n_hdlc-get-rid-of-racy-n_hdlc.tbuf.patch
+
 # END OF PATCH DEFINITIONS
 
 %endif
@@ -2184,6 +2187,9 @@ fi
 #
 #
 %changelog
+* Tue Mar 07 2017 Laura Abbott <labbott@fedoraproject.org>
+- CVE-2017-2636 Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release (rhbz 1430049)
+
 * Mon Mar  6 2017 Justin M. Forbes <jforbes@fedoraproject.org>
 - CVE-2017-6353 Possible double free in stcp_sendmsg (rhbz 1428907 1428910)
author	Laura Abbott <labbott@fedoraproject.org>	2017-03-07 14:59:52 -0800
committer	Laura Abbott <labbott@fedoraproject.org>	2017-03-07 15:02:49 -0800
commit	5201951170085157d7d499805156c225914dd34a (patch)
tree	de66c5fd83b9ba27ae5ff561e6243fd33d79cdf3 /kernel.spec
parent	ff3f49e499f685591d36072d31f3245d8427a286 (diff)
download	kernel-5201951170085157d7d499805156c225914dd34a.tar.gz kernel-5201951170085157d7d499805156c225914dd34a.tar.xz kernel-5201951170085157d7d499805156c225914dd34a.zip