On Thu, Oct 12, 2017 at 11:54:12AM +0200, Arend van Spriel wrote:
> commit 17df6453d4be17910456e99c5a85025aa1b7a246 upstream.
> 
> Upon handling the firmware notification for scans the length was
> checked properly and may result in corrupting kernel heap memory
> due to buffer overruns. This fix addresses CVE-2017-0786.
> 
> Cc: Kevin Cernekee <cerne...@chromium.org>
> Reviewed-by: Hante Meuleman <hante.meule...@broadcom.com>
> Reviewed-by: Pieter-Paul Giesberts <pieter-paul.giesbe...@broadcom.com>
> Reviewed-by: Franky Lin <franky....@broadcom.com>
> Signed-off-by: Arend van Spriel <arend.vanspr...@broadcom.com>
> ---
> Hi, Greg
> 
> This backport for stable-4.4 has been compile tested on x86_64 on
> linux-4.4.y branch in the stable repo. Apparently I only checked
> that the patch applied on 4.4. Lesson learned.

No worries, thanks for the patch.

greg k-h
