Description: Crafted BPF filters may crash kernel during JIT optimisation References: Notes: Introduced in 0a14842f5a3c0e88a1e59fac5c3025db39721f74. This is mitigated by the fact that BPF JIT has always been disabled by default. Bugs: upstream: released (4.1-rc6) [3f7352bf21f8fd7ba3e2fcef9488756f188e12be] 3.16-upstream-stable: released (3.16.7-ckt13) 3.2-upstream-stable: released (3.2.70) [x86-bpf_jit-fix-compilation-of-large-bpf-programs.patch] 2.6.32-upstream-stable: N/A "Introduced in 3.0 with 0a14842f5a3c0e88a1e59fac5c3025db39721f74" sid: released (4.0.7-1) 3.16-jessie-security: released (3.16.7-ckt11+deb8u3) [bugfix/x86/x86-bpf_jit-fix-compilation-of-large-bpf-programs.patch] 3.2-wheezy-security: released (3.2.68-1+deb7u3) [bugfix/x86/x86-bpf_jit-fix-compilation-of-large-bpf-programs.patch] 2.6.32-squeeze-security: N/A "Introduced in 3.0 with 0a14842f5a3c0e88a1e59fac5c3025db39721f74"