From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752427AbdGEMRc (ORCPT <rfc822;w@1wt.eu>);
        Wed, 5 Jul 2017 08:17:32 -0400
Received: from mail.linuxfoundation.org ([140.211.169.12]:56258 "EHLO
        mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751637AbdGEMRb (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 5 Jul 2017 08:17:31 -0400
Date: Wed, 5 Jul 2017 14:17:30 +0200
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Ben Hutchings <ben.hutchings@codethink.co.uk>
Cc: linux-kernel@vger.kernel.org, stable@vger.kernel.org,
        "David S. Miller" <davem@davemloft.net>,
        Colin Ian King <colin.king@canonical.com>,
        Sasha Levin <alexander.levin@verizon.com>
Subject: Re: [PATCH 4.4 057/101] net: sctp: fix array overrun read on
 sctp_timer_tbl
Message-ID: <20170705121730.GD9714@kroah.com>
References: <20170703133334.237346187@linuxfoundation.org>
 <20170703133343.987327646@linuxfoundation.org>
 <1499194116.1935.90.camel@codethink.co.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1499194116.1935.90.camel@codethink.co.uk>
User-Agent: Mutt/1.8.3 (2017-05-23)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Jul 04, 2017 at 07:48:36PM +0100, Ben Hutchings wrote:
> On Mon, 2017-07-03 at 15:34 +0200, Greg Kroah-Hartman wrote:
> > 4.4-stable review patch.  If anyone has any objections, please let me know.
> > 
> > ------------------
> > 
> > From: Colin Ian King <colin.king@canonical.com>
> > 
> > 
> > [ Upstream commit 0e73fc9a56f22f2eec4d2b2910c649f7af67b74d ]
> > 
> > The comparison on the timeout can lead to an array overrun
> > read on sctp_timer_tbl because of an off-by-one error.
> [...]
> 
> The off-by-one error was only introduced in 4.11 by:
> 
> commit 7b9438de0cd4b46a6914416bfede6cf839cd9e68
> Author: Xin Long <lucien.xin@gmail.com>
> Date:   Wed Jan 18 00:44:43 2017 +0800
> 
>     sctp: add stream reconf timer
> 
> So it is harmless but also useless to apply this to 4.4 and 4.9.

Thanks, I've now dropped it from both of those trees.

greg k-h