On Thu, Mar 21, 2013 at 04:16:06AM +0000, Ben Hutchings wrote: > I believe this fix is needed on stable branches 3.2.y, 3.4.y and 3.5.7.z: > > commit 95a69adab9acfc3981c504737a2b6578e4d846ef > Author: Tomas Hozza <tho...@redhat.com> > Date: Thu Nov 8 10:53:29 2012 +0100 > > tools: hv: Netlink source address validation allows DoS > > The source code without this patch caused hypervkvpd to exit when it > processed > a spoofed Netlink packet which has been sent from an untrusted local user. > Now Netlink messages with a non-zero nl_pid source address are ignored > and a warning is printed into the syslog. > > Signed-off-by: Tomas Hozza <tho...@redhat.com> > Acked-by: K. Y. Srinivasan <k...@microsoft.com> > Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
Thanks, queuing for 3.5 kernel. Cheers, -- Luis -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
