blob: a6247dbae07e46ba2c760658f617283e243c85b7 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
Description: net: dccp: fix structure use-after-free
References:
https://www.openwall.com/lists/oss-security/2020/10/13/7
https://lore.kernel.org/netdev/20201013171849.236025-1-kleber.souza@canonical.com/T/
Notes:
carnil> Introduced with 2677d2067731 ("dccp: don't free
carnil> ccid2_hc_tx_sock struct in dccp_disconnect()") in 4.17-rc7 (and
carnil> backported as well to various stable series as e.g. 4.9.108).
Bugs:
upstream: released (5.15-rc2) [d9ea761fdd197351890418acd462c51f241014a7]
5.10-upstream-stable: released (5.10.68) [6c3cb65d561e76fd0398026c023e587fec70e188]
4.19-upstream-stable: released (4.19.207) [dfec82f3e5b8bd93ab65b7417a64886ec8c42f14]
4.9-upstream-stable: released (4.9.283) [40ea36ffa7207456c3f155bbab76754d3f37ce04]
sid: released (5.14.6-1) [bugfix/all/dccp-don-t-duplicate-ccid-when-cloning-dccp-sock.patch]
5.10-bullseye-security: released (5.10.46-5) [bugfix/all/dccp-don-t-duplicate-ccid-when-cloning-dccp-sock.patch]
4.19-buster-security: needed
4.9-stretch-security: pending (4.9.284-1)
|
