cip-dev@lists.cip-project.org | [ANNOUNCE] Release v4.4.302-cip73

Home Messages Hashtags Subgroups

Date Date 1 - 2 of 2

[ANNOUNCE] Release v4.4.302-cip73

Ulrich Hecht #11018 [ANNOUNCE] Release v4.4.302-cip73 Hi, the CIP kernel team has released Linux kernel v4.4.302-cip73. The linux-4.4.y-cip tree's base version has been updated to v4.4-st38. You can get this release via the git tree at: v4.4.302-cip73: repository: https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git branch: linux-4.4.y-cip commit hash: b58e18a67ac192c595acdaf67c2e666bf0433787 Fixed CVEs: CVE-2022-47929: In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_api.c. CVE-2023-0045: Bypassing Spectre-BTI User Space Mitigations CVE-2023-0394: ipv6: raw: Deduct extension header length in rawv6_push_pending_frames CVE-2023-1073: HID: check empty report_list in hid_validate_values() CVE-2023-1074: sctp: fail if no bound addresses can be used for a given scope CVE-2023-23455: net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: rndis_wlan: Prevent buffer overflow in rndis_query_oid CVE-2023-26545: net: mpls: fix stale pointer if allocation fails during device rename Best regards, Ulrich Hecht
More All Messages By This Member
Nobuhiro Iwamatsu #11104 Hi Uli, Could you update linux-4.4.y-cip-rebase tree? https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git/log/?h=linux-4.4.y-cip-rebase This tree manages the -cip tree source code rebased from v4.4.y. This time we need to rebase from v4.4-st38. Best regards, Nobuhiro toggle quoted message Show quoted text -----Original Message----- From: cip-dev@... <cip-dev@...> On Behalf Of Ulrich Hecht Sent: Tuesday, March 14, 2023 1:05 AM To: cip-dev@... Cc: pavel@...; jan.kiszka@...; masami.ichikawa@...; chris.paterson2@...; iwamatsu nobuhiro(岩松信洋 □ＳＷＣ◯ＡＣＴ) <nobuhiro1.iwamatsu@...> Subject: [cip-dev] [ANNOUNCE] Release v4.4.302-cip73 [ANNOUNCE] Release v4.4.302-cip73 Hi, the CIP kernel team has released Linux kernel v4.4.302-cip73. The linux-4.4.y-cip tree's base version has been updated to v4.4-st38. You can get this release via the git tree at: v4.4.302-cip73: repository: https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git branch: linux-4.4.y-cip commit hash: b58e18a67ac192c595acdaf67c2e666bf0433787 Fixed CVEs: CVE-2022-47929: In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_api.c. CVE-2023-0045: Bypassing Spectre-BTI User Space Mitigations CVE-2023-0394: ipv6: raw: Deduct extension header length in rawv6_push_pending_frames CVE-2023-1073: HID: check empty report_list in hid_validate_values() CVE-2023-1074: sctp: fail if no bound addresses can be used for a given scope CVE-2023-23455: net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: rndis_wlan: Prevent buffer overflow in rndis_query_oid CVE-2023-26545: net: mpls: fix stale pointer if allocation fails during device rename Best regards, Ulrich Hecht
More All Messages By This Member

1 - 2 of 2

1

Previous Topic Next Topic

Home Hashtags Subgroups Terms