The patch titled Subject: kernel/sysctl.c: avoid overflow has been removed from the -mm tree. Its filename was kernel-sysctlc-avoid-overflow.patch This patch was dropped because it was nacked ------------------------------------------------------ From: Heinrich Schuchardt <xypron.glpk@xxxxxx> Subject: kernel/sysctl.c: avoid overflow An undetected overflow may occur in do_proc_dointvec_minmax_conv_param. Link: http://lkml.kernel.org/r/1465608788-4813-1-git-send-email-xypron.glpk@xxxxxx Signed-off-by: Heinrich Schuchardt <xypron.glpk@xxxxxx> Acked-by: Kees Cook <keescook@xxxxxxxxxxxx> Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> --- kernel/sysctl.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff -puN kernel/sysctl.c~kernel-sysctlc-avoid-overflow kernel/sysctl.c --- a/kernel/sysctl.c~kernel-sysctlc-avoid-overflow +++ a/kernel/sysctl.c @@ -2302,7 +2302,17 @@ static int do_proc_dointvec_minmax_conv( { struct do_proc_dointvec_minmax_conv_param *param = data; if (write) { - int val = *negp ? -*lvalp : *lvalp; + int val; + + if (*negp) { + if (*lvalp > (unsigned long) INT_MAX + 1) + return -EINVAL; + val = -*lvalp; + } else { + if (*lvalp > (unsigned long) INT_MAX) + return -EINVAL; + val = *lvalp; + } if ((param->min && *param->min > val) || (param->max && *param->max < val)) return -EINVAL; _ Patches currently in -mm which might be from xypron.glpk@xxxxxx are -- To unsubscribe from this list: send the line "unsubscribe mm-commits" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html