Hi, seems like the following stable kernels are still missing the following fix for CVE-2015-4167: - 3.14 - 3.10 - 3.4 > Commit: 23b133bdc452aa441fcb9b82cbf6dd05cfd342d0 > From: Jan Kara > Date: Wed, 7 Jan 2015 13:49:08 +0100 > Subject: udf: Check length of extended attributes and allocation > descriptors > > Check length of extended attributes and allocation descriptors when > loading inodes from disk. Otherwise corrupted filesystems could confuse > the code and make the kernel oops. -Thomas -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html