This is a note to let you know that I've just added the patch titled dccp: fix memory leak during tear-down of unsuccessful connection request to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: dccp-fix-memory-leak-during-tear-down-of-unsuccessful-connection-request.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From foo@baz Sat Mar 18 22:03:25 CST 2017 From: Hannes Frederic Sowa <hannes@xxxxxxxxxxxxxxxxxxx> Date: Mon, 13 Mar 2017 00:01:30 +0100 Subject: dccp: fix memory leak during tear-down of unsuccessful connection request From: Hannes Frederic Sowa <hannes@xxxxxxxxxxxxxxxxxxx> [ Upstream commit 72ef9c4125c7b257e3a714d62d778ab46583d6a3 ] This patch fixes a memory leak, which happens if the connection request is not fulfilled between parsing the DCCP options and handling the SYN (because e.g. the backlog is full), because we forgot to free the list of ack vectors. Reported-by: Jianwen Ji <jiji@xxxxxxxxxx> Signed-off-by: Hannes Frederic Sowa <hannes@xxxxxxxxxxxxxxxxxxx> Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- net/dccp/ccids/ccid2.c | 1 + 1 file changed, 1 insertion(+) --- a/net/dccp/ccids/ccid2.c +++ b/net/dccp/ccids/ccid2.c @@ -749,6 +749,7 @@ static void ccid2_hc_tx_exit(struct sock for (i = 0; i < hc->tx_seqbufc; i++) kfree(hc->tx_seqbuf[i]); hc->tx_seqbufc = 0; + dccp_ackvec_parsed_cleanup(&hc->tx_av_chunks); } static void ccid2_hc_rx_packet_recv(struct sock *sk, struct sk_buff *skb) Patches currently in stable-queue which might be from hannes@xxxxxxxxxxxxxxxxxxx are queue-4.9/tun-fix-premature-pollout-notification-on-tun-devices.patch queue-4.9/dccp-fix-memory-leak-during-tear-down-of-unsuccessful-connection-request.patch queue-4.9/ipv6-avoid-write-to-a-possibly-cloned-skb.patch queue-4.9/bridge-drop-netfilter-fake-rtable-unconditionally.patch