mr/openwrt
2
0
Fork 1
Code Issues 7 Pull Requests Releases Wiki Activity
65eec8bd5f
openwrt/target/linux
History
Jo-Philipp Wich 4fbd072624 kernel: update kernel 4.4 to 4.4.71 
Fixes the following security vulnerabilities:

CVE-2017-8890
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the
Linux kernel through 4.10.15 allows attackers to cause a denial of service
(double free) or possibly have unspecified other impact by leveraging use
of the accept system call.

CVE-2017-9074
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1
does not consider that the nexthdr field may be associated with an invalid
option, which allows local users to cause a denial of service (out-of-bounds
read and BUG) or possibly have unspecified other impact via crafted socket
and send system calls.

CVE-2017-9075
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.

CVE-2017-9076
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux
kernel through 4.11.1 mishandles inheritance, which allows local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9077
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.

CVE-2017-9242
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel
through 4.11.3 is too late in checking whether an overwrite of an skb data
structure may occur, which allows local users to cause a denial of service
(system crash) via crafted system calls.

Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242
Ref: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.71

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-06-07 21:24:41 +02:00
..
adm5120 Mark targets using kernel 3.18 as source-only 2017-02-17 06:58:33 +01:00
adm8668 Mark targets using kernel 3.18 as source-only 2017-02-17 06:58:33 +01:00
apm821xx kernel: update kernel 4.4 to 4.4.70 2017-05-27 00:43:02 +02:00
ar7 Mark targets using kernel 3.18 as source-only 2017-02-17 06:58:33 +01:00
ar71xx ar71xx: fix Wallys DR344 GPIO-connected LEDs and button 2017-05-30 14:57:09 +02:00
arc770 arc770: only calculate entry point address when necessary 2017-03-01 20:37:37 +01:00
archs38 archs38: only calculate entry point address when necessary 2017-03-01 20:37:37 +01:00
arm64 Revert "arm64: boot-wrapper: Add mirror" 2016-12-22 21:08:17 +01:00
armvirt armvirt: add kernel config change missing from 0d44f0cb 2017-01-13 11:05:32 +01:00
at91 kernel: remove ubifs xz decompression support 2017-01-09 14:07:06 +01:00
ath25 kernel: backport MIPS changes introducing a separate IRQ stack 2017-01-15 18:25:54 +01:00
au1000 Mark targets using kernel 3.18 as source-only 2017-02-17 06:58:33 +01:00
bcm53xx bcm53xx: add support for TP-LINK Archer C5 V2 2017-05-22 11:38:03 +02:00
brcm47xx kernel: update kernel 4.4 to 4.4.61 2017-04-15 17:20:51 +02:00
brcm63xx kernel: update kernel 4.4 to 4.4.69 2017-05-24 22:47:01 +02:00
brcm2708 kernel: update kernel 4.4 to 4.4.70 2017-05-27 00:43:02 +02:00
cns3xxx cns3xxx: use proper macro's for ID handling 2017-04-28 17:09:49 +02:00
gemini
generic kernel: update kernel 4.4 to 4.4.71 2017-06-07 21:24:41 +02:00
imx6 kernel: update kernel 4.4 to 4.4.59 2017-04-02 14:37:49 +02:00
ipq806x ipq806x: fix Netgear X4 R7500 ath10k firmware selection 2017-05-27 14:23:14 +02:00
ixp4xx ixp4xx: drop 3.18 config/patches 2017-01-02 21:06:13 +01:00
kirkwood kirkwood: fix include in etc/board.d/02_network 2017-03-01 20:37:37 +01:00
lantiq lantiq: fix broadcasts and vlans in two iface mode 2017-06-03 16:51:42 +02:00
layerscape kernel: update kernel 4.4 to version 4.4.50 2017-02-20 16:02:54 +01:00
malta malta: mark as source-only to avoid wasting build resources 2017-01-24 13:35:47 +01:00
mcs814x Mark targets using kernel 3.18 as source-only 2017-02-17 06:58:33 +01:00
mediatek kernel: update kernel 4.4 to 4.4.69 2017-05-24 22:47:01 +02:00
mpc85xx kernel: remove DEVMEM/DEVKMEM platform overrides 2017-01-10 13:48:53 +01:00
mvebu mvebu: wrt3200acm enable SDIO interface 2017-03-11 20:34:33 +01:00
mxs mxs: remove stale references to obsolete kernel module packages 2017-01-28 20:32:39 +01:00
octeon octeon: only copy sysupgrade file if present 2017-02-15 09:37:15 +01:00
omap omap: build various core drivers into the kernel instead of packaging them 2017-01-10 13:44:26 +01:00
omap24xx
orion kernel: remove DEVMEM/DEVKMEM platform overrides 2017-01-10 13:48:53 +01:00
oxnas kernel: update kernel 4.4 to 4.4.69 2017-05-24 22:47:01 +02:00
ppc40x
ppc44x ppc44x: mark as broken 2017-01-10 12:49:34 +01:00
ramips ramips: add om-watchdog to rut5xx DEVICE_PACKAGES 2017-05-15 22:56:01 +02:00
rb532 kernel: remove ubifs xz decompression support 2017-01-09 14:07:06 +01:00
sunxi kernel: update kernel 4.4 to 4.4.69 2017-05-24 22:47:01 +02:00
uml uml: mark as source-only 2017-01-24 13:35:47 +01:00
x86 Add missing APU1 reference to x86 board.d 2017-06-06 23:02:20 +02:00
xburst Mark targets using kernel 3.18 as source-only 2017-02-17 06:58:33 +01:00
zynq kernel: remove DEVTMPFS platform overrides 2017-01-10 13:48:53 +01:00
Makefile