[kernel-sec-discuss] r3434 - active

Moritz Muehlenhoff jmm at moszumanska.debian.org
Wed Jul 9 05:20:51 UTC 2014


Author: jmm
Date: 2014-07-09 05:20:51 +0000 (Wed, 09 Jul 2014)
New Revision: 3434

Modified:
   active/CVE-2014-4171
Log:
updated fix needed


Modified: active/CVE-2014-4171
===================================================================
--- active/CVE-2014-4171	2014-07-08 19:09:10 UTC (rev 3433)
+++ active/CVE-2014-4171	2014-07-09 05:20:51 UTC (rev 3434)
@@ -4,10 +4,12 @@
  bwh> shmem supports MADV_REMOVE since 2.6.16 but FALLOC_FL_PUNCH_HOLE
  bwh> was only added in 3.5.  I'm not sure whether this is exploitable
  bwh> before 3.5; in any case the fix looks difficult to backport.
+ jmm> Initial patch (f00cdc6df7d7cfcabb5b740911e6788cb0802bdb) was wrong:
+ jmm> https://lkml.org/lkml/2014/7/2/518
 Bugs:
-upstream: released (3.16-rc3) [f00cdc6df7d7cfcabb5b740911e6788cb0802bdb]
+upstream: needed
 2.6.32-upstream-stable:
-sid: released (3.14.10-1)
+sid: needed
 3.2-wheezy-security:
 2.6.32-squeeze-security:
 3.2-upstream-stable:




More information about the kernel-sec-discuss mailing list