[linux-yocto] [PATCH v4.18 00/10] Collection of mainline backports for CVEs
Paul Gortmaker
paul.gortmaker at windriver.com
Tue Nov 6 12:02:57 PST 2018
Bruce, yocto kernel folks,
Here is a group of mainline backports to our v4.18 standard/base that
address the following CVE items from this year:
CVE-2018-5391
CVE-2018-13096
CVE-2018-13097
CVE-2018-14610
CVE-2018-14611
CVE-2018-14612
CVE-2018-14613
I've applied them onto our standard/base at 2ba9a28434f8 and then built
and booted a defconfig + BTRFS + F2FS. Also tested btrfs on a small
partition since the commits were about 1/2 for that alone.
Please apply and merge out to the respective branches when you have
a chance.
Thanks,
Paul.
---
Chao Yu (2):
f2fs: fix to do sanity check with user_block_count
f2fs: fix to do sanity check with node footer and iblocks
Gu Jinxiang (1):
btrfs: validate type when reading a chunk
Peter Oskolkov (3):
ip: discard IPv4 datagrams with overlapping segments.
net: modify skb_rbtree_purge to return the truesize of all purged skbs.
ip: use rb trees for IP frag queue.
Qu Wenruo (4):
btrfs: Check that each block group has corresponding chunk at mount time
btrfs: Verify that every chunk has corresponding block group at mount time
btrfs: Introduce mount time chunk <-> dev extent mapping check
btrfs: tree-checker: Verify block_group_item
fs/btrfs/disk-io.c | 7 +
fs/btrfs/extent-tree.c | 86 +++++++++++-
fs/btrfs/tree-checker.c | 100 +++++++++++++
fs/btrfs/volumes.c | 214 +++++++++++++++++++++++++++-
fs/btrfs/volumes.h | 4 +
fs/f2fs/inode.c | 25 +++-
fs/f2fs/super.c | 13 +-
include/linux/skbuff.h | 11 +-
include/net/inet_frag.h | 3 +-
include/uapi/linux/snmp.h | 1 +
net/core/skbuff.c | 6 +-
net/ipv4/inet_fragment.c | 16 ++-
net/ipv4/ip_fragment.c | 239 +++++++++++++++-----------------
net/ipv4/proc.c | 1 +
net/ipv6/netfilter/nf_conntrack_reasm.c | 1 +
net/ipv6/reassembly.c | 1 +
16 files changed, 582 insertions(+), 146 deletions(-)
--
2.15.0
More information about the linux-yocto
mailing list