[kernel-sec-discuss] r3434 - active
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Jul 9 05:20:51 UTC 2014
Author: jmm
Date: 2014-07-09 05:20:51 +0000 (Wed, 09 Jul 2014)
New Revision: 3434
Modified:
active/CVE-2014-4171
Log:
updated fix needed
Modified: active/CVE-2014-4171
===================================================================
--- active/CVE-2014-4171 2014-07-08 19:09:10 UTC (rev 3433)
+++ active/CVE-2014-4171 2014-07-09 05:20:51 UTC (rev 3434)
@@ -4,10 +4,12 @@
bwh> shmem supports MADV_REMOVE since 2.6.16 but FALLOC_FL_PUNCH_HOLE
bwh> was only added in 3.5. I'm not sure whether this is exploitable
bwh> before 3.5; in any case the fix looks difficult to backport.
+ jmm> Initial patch (f00cdc6df7d7cfcabb5b740911e6788cb0802bdb) was wrong:
+ jmm> https://lkml.org/lkml/2014/7/2/518
Bugs:
-upstream: released (3.16-rc3) [f00cdc6df7d7cfcabb5b740911e6788cb0802bdb]
+upstream: needed
2.6.32-upstream-stable:
-sid: released (3.14.10-1)
+sid: needed
3.2-wheezy-security:
2.6.32-squeeze-security:
3.2-upstream-stable:
More information about the kernel-sec-discuss
mailing list