Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756074AbcKEQRR (ORCPT ); Sat, 5 Nov 2016 12:17:17 -0400 Received: from einhorn.in-berlin.de ([192.109.42.8]:49118 "EHLO einhorn.in-berlin.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754874AbcKEQRQ (ORCPT ); Sat, 5 Nov 2016 12:17:16 -0400 X-Envelope-From: stefanr@s5r6.in-berlin.de Date: Sat, 5 Nov 2016 17:17:03 +0100 From: Stefan Richter To: Linus Torvalds Cc: linux-kernel@vger.kernel.org, linux1394-devel@lists.sourceforge.net Subject: [git pull] FireWire fixes Message-ID: <20161105171703.3651c675@kant> X-Mailer: Claws Mail 3.13.2 (GTK+ 2.24.31; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 837 Lines: 27 Linus, please pull from the tag "firewire-fixes" at git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394.git firewire-fixes to receive the following FireWire (IEEE 1394) subsystem fixes: - Add missing input validation to the firewire-net driver. Invalid IP-over-1394 encapsulation headers could trigger buffer overflows (CVE 2016-8633). - IP-over-1394 link fragmentation headers were read and written incorrectly, breaking fragmented RX/TX with other OS's stacks. Stefan Richter (2): firewire: net: guard against rx buffer overflows firewire: net: fix fragmented datagram_size off-by-one drivers/firewire/net.c | 59 ++++++++++++++++++++++++++++-------------- 1 file changed, 39 insertions(+), 20 deletions(-) Thanks, -- Stefan Richter -======----- =-== --=-= http://arcgraph.de/sr/