[Buildroot] [PATCH 1/1] package/systemd: Add upstream patch to fix CVE-2018-15688
Peter Korsgaard
peter at korsgaard.com
Wed Nov 14 08:13:46 UTC 2018
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
>>>>> "Bernd" == Bernd Kuhls <bernd.kuhls at t-online.de> writes:
> Please always add a short description what the CVE is about. I have
> added:
> Systemd-networkd is vulnerable to an out out-of-bounds heap write in the
> DHCPv6 client when handling options sent by network adjacent DHCP
> servers. A attacker could exploit this via malicious DHCP server to
> corrupt heap memory on client machines, resulting in a denial of service
> or potential code execution.
Committed to 2018.02.x and 2018.08.x with the above addition, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list