Commit 42d84c8490f9 ("vhost: Check docket sk_family instead of call getname") fixes CVE-2020-10942. It has been applied to v4.14.y and later, but not to v4.4.y. While it does not apply directly to v4.4.y, its backport to v4.14.y (commit ff8e12b0cfe2 in v4.14.y) does. Please apply the backport to v4.4.y as well.
Thanks, Guenter
On Sat, Mar 28, 2020 at 08:44:48AM -0700, Guenter Roeck wrote:
Commit 42d84c8490f9 ("vhost: Check docket sk_family instead of call getname") fixes CVE-2020-10942. It has been applied to v4.14.y and later, but not to v4.4.y. While it does not apply directly to v4.4.y, its backport to v4.14.y (commit ff8e12b0cfe2 in v4.14.y) does. Please apply the backport to v4.4.y as well.
I've queued it for 4.4, thanks!
linux-stable-mirror@lists.linaro.org