Patch for CVE-2016-0774 missing from stable 3.4 and 3.10 kernels

stable.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* Patch for CVE-2016-0774 missing from stable 3.4 and 3.10 kernels
@ 2016-03-28 23:53 Jeffrey Vander Stoep
  2016-03-29  8:26 ` Zefan Li
                   ` (2 more replies)
  0 siblings, 3 replies; 5+ messages in thread
From: Jeffrey Vander Stoep @ 2016-03-28 23:53 UTC (permalink / raw)
  To: stable; +Cc: linux-kernel, Greg KH, lizefan

https://lkml.org/lkml/2016/2/23/812 "pipe: Fix buffer offset after
partially failed read" is missing from the stable 3.4.y and 3.10.y
kernels. It has been included in 3.2.y and 3.14.y.

I am able to cause a kernel panic without this patch.

Regards,
Jeff Vander Stoep

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: Patch for CVE-2016-0774 missing from stable 3.4 and 3.10 kernels
  2016-03-28 23:53 Patch for CVE-2016-0774 missing from stable 3.4 and 3.10 kernels Jeffrey Vander Stoep
@ 2016-03-29  8:26 ` Zefan Li
  2016-03-29 13:34 ` Willy Tarreau
  2016-06-04 11:33 ` Willy Tarreau
  2 siblings, 0 replies; 5+ messages in thread
From: Zefan Li @ 2016-03-29  8:26 UTC (permalink / raw)
  To: Jeffrey Vander Stoep, stable; +Cc: linux-kernel, Greg KH

On 2016/3/29 7:53, Jeffrey Vander Stoep wrote:
> https://lkml.org/lkml/2016/2/23/812 "pipe: Fix buffer offset after
> partially failed read" is missing from the stable 3.4.y and 3.10.y
> kernels. It has been included in 3.2.y and 3.14.y.
> 
> I am able to cause a kernel panic without this patch.
> 

I'll queue it up for 3.4.y. Thanks!


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: Patch for CVE-2016-0774 missing from stable 3.4 and 3.10 kernels
  2016-03-28 23:53 Patch for CVE-2016-0774 missing from stable 3.4 and 3.10 kernels Jeffrey Vander Stoep
  2016-03-29  8:26 ` Zefan Li
@ 2016-03-29 13:34 ` Willy Tarreau
  2016-06-04 11:33 ` Willy Tarreau
  2 siblings, 0 replies; 5+ messages in thread
From: Willy Tarreau @ 2016-03-29 13:34 UTC (permalink / raw)
  To: Jeffrey Vander Stoep; +Cc: stable, linux-kernel, Greg KH, lizefan

On Mon, Mar 28, 2016 at 04:53:48PM -0700, Jeffrey Vander Stoep wrote:
> https://lkml.org/lkml/2016/2/23/812 "pipe: Fix buffer offset after
> partially failed read" is missing from the stable 3.4.y and 3.10.y
> kernels. It has been included in 3.2.y and 3.14.y.
> 
> I am able to cause a kernel panic without this patch.

Greg, don't bother with it, I'll handle it.

Willy


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: Patch for CVE-2016-0774 missing from stable 3.4 and 3.10 kernels
  2016-03-28 23:53 Patch for CVE-2016-0774 missing from stable 3.4 and 3.10 kernels Jeffrey Vander Stoep
  2016-03-29  8:26 ` Zefan Li
  2016-03-29 13:34 ` Willy Tarreau
@ 2016-06-04 11:33 ` Willy Tarreau
  2016-06-04 19:39   ` Greg KH
  2 siblings, 1 reply; 5+ messages in thread
From: Willy Tarreau @ 2016-06-04 11:33 UTC (permalink / raw)
  To: Jeffrey Vander Stoep; +Cc: stable, linux-kernel, Greg KH, lizefan

Hi,

On Mon, Mar 28, 2016 at 04:53:48PM -0700, Jeffrey Vander Stoep wrote:
> https://lkml.org/lkml/2016/2/23/812 "pipe: Fix buffer offset after
> partially failed read" is missing from the stable 3.4.y and 3.10.y
> kernels. It has been included in 3.2.y and 3.14.y.
> 
> I am able to cause a kernel panic without this patch.

Just a heads up on this one, it is *not* included in 3.14 as of 3.14.71.
It's in 3.2 and 3.4 however. Greg, you can pick commit feae3ca2e5e1a
from kernel 3.2, it will apply with an offset.

Regards,
Willy

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: Patch for CVE-2016-0774 missing from stable 3.4 and 3.10 kernels
  2016-06-04 11:33 ` Willy Tarreau
@ 2016-06-04 19:39   ` Greg KH
  0 siblings, 0 replies; 5+ messages in thread
From: Greg KH @ 2016-06-04 19:39 UTC (permalink / raw)
  To: Willy Tarreau; +Cc: Jeffrey Vander Stoep, stable, linux-kernel, lizefan

On Sat, Jun 04, 2016 at 01:33:21PM +0200, Willy Tarreau wrote:
> Hi,
> 
> On Mon, Mar 28, 2016 at 04:53:48PM -0700, Jeffrey Vander Stoep wrote:
> > https://lkml.org/lkml/2016/2/23/812 "pipe: Fix buffer offset after
> > partially failed read" is missing from the stable 3.4.y and 3.10.y
> > kernels. It has been included in 3.2.y and 3.14.y.
> > 
> > I am able to cause a kernel panic without this patch.
> 
> Just a heads up on this one, it is *not* included in 3.14 as of 3.14.71.
> It's in 3.2 and 3.4 however. Greg, you can pick commit feae3ca2e5e1a
> from kernel 3.2, it will apply with an offset.

Ugh, sorry about that, I thought I picked it up, my fault.  thanks for
pointing it out, now queued up.

greg k-h

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2016-06-04 19:39 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-03-28 23:53 Patch for CVE-2016-0774 missing from stable 3.4 and 3.10 kernels Jeffrey Vander Stoep
2016-03-29  8:26 ` Zefan Li
2016-03-29 13:34 ` Willy Tarreau
2016-06-04 11:33 ` Willy Tarreau
2016-06-04 19:39   ` Greg KH

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).