Re: CVE-2016-5696: linux kernel - challange ack information leak.

[Gsunde Orangen <gsunde.orangen () gmail com>]

> > Heh, fair enough.  This fix is now in the kernels that were released
today
> > (4.7.1, 4.6.7, 4.4.18, and 3.14.76), hope that helps.
It seems that Greg keeps on being bothered with questions ;-)
Here's one more: the relevant Upstream commit
75ff39ccc1bd5d3c455b6822ab09e533c551f758
is referenced in all change logs of yesterday's kernel releases...
... Except for: 4.7.1 (https://cdn.kernel.org/pub/
linux/kernel/v4.x/ChangeLog-4.7.1)
Did 4.7.1 miss the fix?

Thanks again,
Gsunde

2016-08-17 14:16 GMT+02:00 Greg KH <greg () kroah com>:

> On Wed, Aug 17, 2016 at 11:54:56AM +0000, Sona Sarmadi wrote:
> > > > > You can _always_ just apply the patch to your local tree, there's
> > > > > never a need to wait for me to get a kernel out.  That's the
> > > > > advantage of having the source for your systems :)
> > > > Yes, we can do that but sometimes the patches for newer kernels don't
> > > > apply cleanly on older versions.
> > > > There is always a risk that our home grown patches have undesired
> side
> > > > effects. We prefer your sign of approval on patches for older kernels
> > > > :)
> > >
> > > Heh, fair enough.  This fix is now in the kernels that were released
> today
> > > (4.7.1, 4.6.7, 4.4.18, and 3.14.76), hope that helps.
> > >
> > > greg k-h
> >
> > Thanks a lot Greg, yes this helps :) I could apply  patch from
> linux-3.14.y branch
> > to linux-3.12.y as well (the code looks similar).
>
> Note, I got the patch a bit wrong, it's not as fast as it could be,
> here's an update to put on top of the one you took from 3.14.y:
>         https://git.kernel.org/cgit/linux/kernel/git/stable/
> stable-queue.git/commit/?id=e09bea58ec0552dbbf71fb22bf7a46da9a288fc8
>
> thanks,
>
> greg k-h