[kernel-sec-discuss] r3913 - active
Ben Hutchings
benh at moszumanska.debian.org
Wed Sep 9 19:23:03 UTC 2015
Author: benh
Date: 2015-09-09 19:23:03 +0000 (Wed, 09 Sep 2015)
New Revision: 3913
Modified:
active/CVE-2015-2925
Log:
Update status of CVE-2015-2925, now apparently fixed upstream
Modified: active/CVE-2015-2925
===================================================================
--- active/CVE-2015-2925 2015-09-08 17:55:39 UTC (rev 3912)
+++ active/CVE-2015-2925 2015-09-09 19:23:03 UTC (rev 3913)
@@ -6,15 +6,16 @@
bwh> I was unable to reproduce using the instructions on oss-security
bwh> so I'm not clear exactly what goes wrong. However this appears
bwh> to be dependent on having CAP_SYS_ADMIN in a user namespace (to
- bwh> change therefore not relevant to older kernel versions.
+ bwh> change mounts) therefore not relevant to older kernel versions.
jmm> Split from CVE-2014-9717:
jmm> http://www.spinics.net/lists/linux-containers/msg30804.html (16/19)
jmm> http://www.spinics.net/lists/linux-containers/msg30798.html (17/19)
jmm> http://www.spinics.net/lists/linux-containers/msg30797.html (18/19)
jmm> http://www.spinics.net/lists/linux-containers/msg30802.html (19/19)
- bwh> I think the last four are needed for CVE-2015-2925, not CVE-2014-9717
+ bwh> Finally fixed upstream in a somewhat simpler way. Still unable
+ bwh> to reproduce it so I suspect it depends on hitting a race condition.
Bugs:
-upstream: needed
+upstream: pending (4.3-rc1) [cde93be45a8a90d8c264c776fab63487b5038a65, a03e283bf5c3d4851b4998122196ce9f849e6dfb, 397d425dc26da728396e66d392d5dcb8dac30c37]
2.6.32-upstream-stable: N/A "user namespaces known broken before 3.5"
sid: needed
3.16-jessie-security: needed
More information about the kernel-sec-discuss
mailing list