[meta-freescale] [PATCH 2/2] kernel: CVE-2016-0758
Otavio Salvador
otavio.salvador at ossystems.com.br
Wed Nov 30 03:02:04 PST 2016
On Mon, Nov 28, 2016 at 11:42 AM, Sona Sarmadi <sona.sarmadi at enea.com> wrote:
> Fixes a flaw in the Linux kernel's ASN.1 DER decoder processed
> certain certificate files with tags of indefinite length. A local,
> unprivileged user could use a specially crafted X.509 certificate
> DER file to crash the system or, potentially, escalate their
> privileges on the system.
>
> References:
> https://lkml.org/lkml/2016/5/12/270
> Upstream fix (kernel.org 3.16 branch):
> https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=af00ae6ef5a2c73f21ba215c476570b7772a14fb
>
> Signed-off-by: Sona Sarmadi <sona.sarmadi at enea.com>
The patch itself is fine but the shortlog is not. Please use the
recipe name accordingly the commit guidelines from OE.
--
Otavio Salvador O.S. Systems
http://www.ossystems.com.br http://code.ossystems.com.br
Mobile: +55 (53) 9981-7854 Mobile: +1 (347) 903-9750
More information about the meta-freescale
mailing list