Commit Graph

12 Commits

Author SHA1 Message Date
Jo-Philipp Wich
4fbd072624 kernel: update kernel 4.4 to 4.4.71
Fixes the following security vulnerabilities:

CVE-2017-8890
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the
Linux kernel through 4.10.15 allows attackers to cause a denial of service
(double free) or possibly have unspecified other impact by leveraging use
of the accept system call.

CVE-2017-9074
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1
does not consider that the nexthdr field may be associated with an invalid
option, which allows local users to cause a denial of service (out-of-bounds
read and BUG) or possibly have unspecified other impact via crafted socket
and send system calls.

CVE-2017-9075
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.

CVE-2017-9076
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux
kernel through 4.11.1 mishandles inheritance, which allows local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9077
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.

CVE-2017-9242
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel
through 4.11.3 is too late in checking whether an overwrite of an skb data
structure may occur, which allows local users to cause a denial of service
(system crash) via crafted system calls.

Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242
Ref: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.71

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-06-07 21:24:41 +02:00
Hauke Mehrtens
0dcc4d239d kernel: update kernel 4.4 to 4.4.59
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-04-02 14:37:49 +02:00
Kevin Darbyshire-Bryant
102cb4742c kernel: bump to 4.4.35
Refresh patches on all 4.4 supported platforms.

077-0005-bgmac-stop-clearing-DMA-receive-control-register-rig.patch
removed as now upstream.

Compile & run tested: ar71xx - Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-11-29 21:12:08 +01:00
Paul Wassi
a569354481 kernel: update kernel 4.4 to version 4.4.28
Refresh patches for all targets that support kernel 4.4.
compile/run-tested on ar71xx, brcm47xx, kirkwood.

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2016-10-31 16:33:53 +01:00
Álvaro Fernández Rojas
7d559169c5 kernel: update to v4.4.23
Refresh patches for all targets that support kernel 4.4.
compile/run-tested on brcm2708/bcm2710 only.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-09-30 20:08:21 +02:00
Hauke Mehrtens
e9d7ee4f41 kernel: update kernel 4.4 to version 4.4.4
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 48933
2016-03-05 17:51:37 +00:00
Felix Fietkau
7f11532c58 kernel: compile out SNMP MIB related counting if debloat-proc is active - improves network stack performance
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48239
2016-01-15 10:47:14 +00:00
Felix Fietkau
f875e18fd2 kernel: Update kernel 4.4 to 4.4.0
This removes one patch which was applied upstream with commit
67b9bcd36906e12a15ffec19463afbbd6a41660e. All other patches were
refreshed.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>

SVN-Revision: 48203
2016-01-11 20:13:17 +00:00
Imre Kaloz
cae1c44e4f generic/4.4: update to 4.4-rc7
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>

SVN-Revision: 48059
2016-01-01 22:02:47 +00:00
Imre Kaloz
5705d058eb generic/4.4: bump to -rc5
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>

SVN-Revision: 47894
2015-12-15 11:20:38 +00:00
Imre Kaloz
9999ca14e7 generic: bump 4.4 to rc4
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>

SVN-Revision: 47801
2015-12-07 10:11:43 +00:00
Jonas Gorski
621677154f kernel: add linux 4.4 support
Based on 4.4-rc3. Runtime tested on MIPS.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 47701
2015-12-02 22:23:22 +00:00