I've attached the following fixes to 4.9, as an mbox: - brcmfmac: add length checks in scheduled scan result handler - brcmfmac: assure SSID length from firmware is limited - brcmfmac: add subtype check for event handling in data path - binder: Replace "%p" with "%pK" for stable - binder: replace "%p" with "%pK" - fs: prevent page refcount overflow in pipe_buf_get - mm, gup: remove broken VM_BUG_ON_PAGE compound check for hugepages - mm, gup: ensure real head page is ref-counted when using hugepages - mm: prevent get_user_pages() from overflowing page refcount - mm: make page ref count overflow check tighter and more explicit - coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping The first two "mm, gup" commits might not be strictly security fixes but the next one depends on them. Ben. -- Ben Hutchings, Software Developer Codethink Ltd https://www.codethink.co.uk/ Dale House, 35 Dale Street Manchester, M1 2HF, United Kingdom
Attachment:
security-4.9.mbox
Description: application/mbox
