c/pve-kernel-qoup
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add fix for CVE-2017-9074 fix

Browse Source
This commit is contained in:
Fabian Grünbichler
2017-06-09 11:39:33 +02:00
parent c7f85f2701
commit c1f358be22
2 changed files with 97 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Makefile
+1
View File
@@ -237,6 +237,7 @@ ${KERNEL_SRC}/README ${KERNEL_CFG_ORG}: ${KERNEL_SRC_SUBMODULE} | submodules
cd ${KERNEL_SRC}; patch -p1 < ../0001-netfilter-nft_set_rbtree-handle-re-addition-element-.patch # DoS from within (unpriv) containers
cd ${KERNEL_SRC}; patch -p1 < ../CVE-2017-8890-dccp-tcp-do-not-inherit-mc_list-from-parent.patch
cd ${KERNEL_SRC}; patch -p1 < ../CVE-2017-9074-ipv6-Prevent-overrun-when-parsing-v6-header-options.patch
cd ${KERNEL_SRC}; patch -p1 < ../CVE-2017-9074-2-ipv6-Check-ip6_find_1stfragopt-return-value-properly.patch
cd ${KERNEL_SRC}; patch -p1 < ../CVE-2017-9075-sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch
cd ${KERNEL_SRC}; patch -p1 < ../CVE-2017-9076_9077-ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch
cd ${KERNEL_SRC}; patch -p1 < ../CVE-2017-9242-ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch