Description: Potential information leak or use-after-free in tty subsystem
References:
 https://source.android.com/security/bulletin/2016-11-01.html
Notes:
 bwh> A known use-after-free bug in N_X25 has already been fixed
 bwh> (commit ee9159ddce14, no CVE assigned).  The Android security
 bwh> bulletin says this fixes an information leak, presumably because
 bwh> if receive_room is too large it will permit reading beyond a
 bwh> buffer.  We also need commit fd98e9419d8d ("isdn/gigaset: reset
 bwh> tty->receive_room when attaching ser_gigaset") to avoid a
 bwh> regression.
Bugs:
upstream: released (4.5-rc1) [dd42bf1197144ede075a9d4793123f7689e164bc]
3.16-upstream-stable: released (3.16.40) [tty-prevent-ldisc-drivers-from-re-using-stale-tty-fields.patch]
3.2-upstream-stable: released (3.2.85) [tty-prevent-ldisc-drivers-from-re-using-stale-tty-fields.patch]
sid: released (4.5.1-1)
3.16-jessie-security: released (3.16.39-1) [bugfix/all/tty-prevent-ldisc-drivers-from-re-using-stale-tty-fi.patch]
3.2-wheezy-security: released (3.2.84-1) [bugfix/all/tty-prevent-ldisc-drivers-from-re-using-stale-tty-fi.patch]