[meta-freescale] [PATCH 1/1] CVE-2014-5077 Kernel/SCTP: fix a NULL pointer dereference
Otavio Salvador
otavio at ossystems.com.br
Mon Sep 15 05:50:55 PDT 2014
On Mon, Sep 15, 2014 at 4:14 AM, Liviu Gheorghisan
<liviu.gheorghisan at enea.com> wrote:
> A NULL pointer dereference flaw was found in the way the
> Linux kernel's Stream Control Transmission Protocol
> (SCTP) implementation handled simultaneous connections
> between the same hosts. A remote attacker could use this
> flaw to crash the system.
>
> References:
> - https://access.redhat.com/security/cve/CVE-2014-5077
> - http://patchwork.ozlabs.org/patch/372475/
>
> Signed-off-by: Liviu Gheorghisan <liviu.gheorghisan at enea.com>
Please next time follow the README and send the patch with proper
prefix. Adding Luo in Cc.
--
Otavio Salvador O.S. Systems
http://www.ossystems.com.br http://code.ossystems.com.br
Mobile: +55 (53) 9981-7854 Mobile: +1 (347) 903-9750
More information about the meta-freescale
mailing list