On 04/13/2017 11:41 AM, Josh Hunt wrote:
It looks like the following commit:
197c949e7798 ("udp: properly support MSG_PEEK with truncated buffers")
did not get backported to 4.1.y stable. I do see it in 4.4.y. If the
authors of the patch are OK with this can we please get this included in
4.1.y?
FWIW the 4.4.y commit, dfe2042d96065f044a794f684e9f7976a4ca6e24,
cherry-picks cleanly on top of 4.1.y.
Here's a link to the CVE info:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10229
Looking into this more it appears that this commit may not be necessary
for 4.1 since it has Al Viro's argument change mentioned by Eric in the
commit message. Although if someone could confirm that would be helpful.
Our initial thought was all kernels < 4.5 were affected. This does not
seem to be the case.
Josh