Date: Sat, 26 Jul 2014 11:12:35 +0200 From: Daniel Borkmann <dborkman@...hat.com> To: oss-security@...ts.openwall.com CC: cve-assign@...re.org, ppandit@...hat.com Subject: Re: Re: CVE request Linux Kernel: net: SCTP: NULL pointer dereference On 07/26/2014 04:21 AM, cve-assign@...re.org wrote: ... > Use CVE-2014-5077 for this issue in the sctp_assoc_update function in > net/sctp/associola.c (not yet patched at > http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/net/sctp/associola.c). It's currently in the -net tree , I expect a pull request for mainline to happen quite soon. Cheers, Daniel  http://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=1be9a950c646c9092fb3618197f7b6bfb50e82aa
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ