On Fri, Apr 28, 2017 at 09:45:12AM +0200, Greg KH wrote: > On Thu, Apr 27, 2017 at 10:22:52PM +0200, Jon Maloy wrote: > > From: Jon Paul Maloy <jon.maloy@xxxxxxxxxxxx> > > > > commit 681a55d71799b575f46fe94121728cf67460d1c3 upstream > > > > (Slightly modified to apply cleanly) > > Belongs below the --- line. > > > > > In the function tipc_rcv() we initialize a couple of stack variables > > from the message header before that same header has been validated. > > In rare cases when the arriving header is non-linear, the validation > > function itself may linearize the buffer by calling skb_may_pull(), > > while the wrongly initialized stack fields are not updated accordingly. > > > > We fix this in this commit. > > > > Reported-by: Matthew Wong <mwong@xxxxxxxxxxxx> > > Signed-off-by: Jon Maloy <jon.maloy@xxxxxxxxxxxx> > > Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx> > > > > Conflicts: > > net/tipc/node.c > > What are these lines for? Please don't do that, "Conflicts:" lines do > not belong in the changelog as they don't make any sense, right? Oh, and please fix this up and resend, I didn't take this patch. greg k-h