In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsThere is no fixed version for Centos:7
python-perf
.
Note: Versions mentioned in the description apply only to the upstream python-perf
package and not the python-perf
package as distributed by Centos
.
See How to fix?
for Centos:7
relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
net_sched: keep alloc_hash updated after hash allocation
In commit 599be01ee567 ("net_sched: fix an OOB access in cls_tcindex") I moved cp->hash calculation before the first tcindex_alloc_perfect_hash(), but cp->alloc_hash is left untouched. This difference could lead to another out of bound access.
cp->alloc_hash should always be the size allocated, we should update it after this tcindex_alloc_perfect_hash().