On Tue, May 30, 2017 at 11:43 AM, Eduardo Valentin <eduval@xxxxxxxxxx> wrote: > Folks, > > I was checking the CVE-2017-9076 [1], which mentions this commit: > > commit 83eaddab4378db256d00d295bda6ca997cd13a52 > Author: WANG Cong <xiyou.wangcong@xxxxxxxxx> > Date: Tue May 9 16:59:54 2017 -0700 > > ipv6/dccp: do not inherit ipv6_mc_list from parent > > Like commit 657831ffc38e ("dccp/tcp: do not inherit mc_list from parent") > we should clear ipv6_mc_list etc. for IPv6 sockets too. > > Cc: Eric Dumazet <edumazet@xxxxxxxxxx> > Signed-off-by: Cong Wang <xiyou.wangcong@xxxxxxxxx> > Acked-by: Eric Dumazet <edumazet@xxxxxxxxxx> > Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx> > > And I was wondering if it could simply be sent to stable trees. The change > can be cherry-picked on 4.9.y, for example. Yes, this commit should be backported to stable releases together with the following two commits: commit 657831ffc38e30092a2d5f03d385d710eb88b09a Author: Eric Dumazet <edumazet@xxxxxxxxxx> Date: Tue May 9 06:29:19 2017 -0700 dccp/tcp: do not inherit mc_list from parent commit fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8 Author: Eric Dumazet <edumazet@xxxxxxxxxx> Date: Wed May 17 07:16:40 2017 -0700 sctp: do not inherit ipv6_{mc|ac|fl}_list from parent Thanks.