Linus,
please pull from the tag "firewire-fixes" at
git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394.git
firewire-fixes
to receive the following FireWire (IEEE 1394) subsystem fixes:
- Add missing input validation to the firewire-net driver.
Invalid IP-over-1394 encapsulation headers could trigger
buffer overflows (CVE 2016-8633).
- IP-over-1394 link fragmentation headers were read and written
incorrectly, breaking fragmented RX/TX with other OS's stacks.
Stefan Richter (2):
firewire: net: guard against rx buffer overflows
firewire: net: fix fragmented datagram_size off-by-one
drivers/firewire/net.c | 59 ++++++++++++++++++++++++++++--------------
1 file changed, 39 insertions(+), 20 deletions(-)
Thanks,
--
Stefan Richter
-======----- =-== --=-=
http://arcgraph.de/sr/
