projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 646ae5a) | patch
package/systemd: Add upstream patch to fix CVE-2018-15688
authorBernd Kuhls <bernd.kuhls@t-online.de>
Tue, 30 Oct 2018 17:50:13 +0000 (18:50 +0100)
committerPeter Korsgaard <peter@korsgaard.com>
Tue, 30 Oct 2018 20:07:36 +0000 (21:07 +0100)
commitbc6ecbbeefadb185e9d171562afb9f01e250e132
treebbafe8acb0198a74bee83573a12c4358f3829bf7tree
parent646ae5a0b1ec9e7c099de0088c333470283f7e33commit | diff
package/systemd: Add upstream patch to fix CVE-2018-15688

Systemd-networkd is vulnerable to an out out-of-bounds heap write in the
DHCPv6 client when handling options sent by network adjacent DHCP servers.
A attacker could exploit this via malicious DHCP server to corrupt heap
memory on client machines, resulting in a denial of service or potential
code execution.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Peter: add description]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/systemd/0005-dhcp6-make-sure-we-have-enough-space-for-the-DHCP6-o.patch [new file with mode: 0644] blob