17.07.2017 17:48, Samuel Thibault wrote: > P J P, on lun. 17 juil. 2017 17:33:26 +0530, wrote: >> From: Prasad J Pandit <p...@fedoraproject.org> >> >> While parsing dhcp options string in 'dhcp_decode', if an options' >> length 'len' appeared towards the end of 'bp_vend' array, ensuing >> read could lead to an OOB memory access issue. Add check to avoid it. >> >> Reported-by: Reno Robert <renorob...@gmail.com> >> Signed-off-by: Prasad J Pandit <p...@fedoraproject.org> > > Oops, sure, applied to my tree, thanks!
Can we have it in 2.10 please? This is CVE-2017-11434, which can be mentioned in the commit message. Thanks, /mjt
