[kernel-sec-discuss] r3928 - active

Ben Hutchings benh at moszumanska.debian.org
Mon Sep 21 22:38:51 UTC 2015


Author: benh
Date: 2015-09-21 22:38:50 +0000 (Mon, 21 Sep 2015)
New Revision: 3928

Modified:
   active/CVE-2015-2925
Log:
Update status of CVE-2015-2925

This has been fixed upstream, and I have working code to reproduce it.


Modified: active/CVE-2015-2925
===================================================================
--- active/CVE-2015-2925	2015-09-21 22:19:24 UTC (rev 3927)
+++ active/CVE-2015-2925	2015-09-21 22:38:50 UTC (rev 3928)
@@ -3,19 +3,16 @@
  http://thread.gmane.org/gmane.linux.kernel.containers/28939/
  https://marc.info/?l=oss-security&m=142805871412239&w=2
 Notes:
- bwh> I was unable to reproduce using the instructions on oss-security
- bwh> so I'm not clear exactly what goes wrong.  However this appears
- bwh> to be dependent on having CAP_SYS_ADMIN in a user namespace (to
+ bwh> This eesmt o be dependent on having CAP_SYS_ADMIN in a user namespace (to
  bwh> change mounts) therefore not relevant to older kernel versions.
  jmm> Split from CVE-2014-9717:
  jmm> http://www.spinics.net/lists/linux-containers/msg30804.html (16/19)
  jmm> http://www.spinics.net/lists/linux-containers/msg30798.html (17/19)
  jmm> http://www.spinics.net/lists/linux-containers/msg30797.html (18/19)
  jmm> http://www.spinics.net/lists/linux-containers/msg30802.html (19/19)
- bwh> Finally fixed upstream in a somewhat simpler way.  Still unable
- bwh> to reproduce it so I suspect it depends on hitting a race condition.
+ bwh> Finally fixed upstream in a somewhat simpler way.
 Bugs:
-upstream: pending (4.3-rc1) [cde93be45a8a90d8c264c776fab63487b5038a65, a03e283bf5c3d4851b4998122196ce9f849e6dfb, 397d425dc26da728396e66d392d5dcb8dac30c37]
+upstream: released (4.3-rc1) [cde93be45a8a90d8c264c776fab63487b5038a65, a03e283bf5c3d4851b4998122196ce9f849e6dfb, 397d425dc26da728396e66d392d5dcb8dac30c37]
 2.6.32-upstream-stable: N/A "user namespaces known broken before 3.5"
 sid: pending (4.2-1) [bugfix/all/dcache-handle-escaped-paths-in-prepend_path.patch, bugfix/all/dcache-reduce-the-scope-of-i_lock-in-d_splice_alias.patch, bugfix/all/vfs-test-for-and-handle-paths-that-are-unreachable-f.patch]
 3.16-jessie-security: released (3.16.7-ckt11-1+deb8u4) [bugfix/all/namei-lift-open-coded-terminate_walk-in-follow_dotdo.patch, bugfix/all/dcache-handle-escaped-paths-in-prepend_path.patch, bugfix/all/vfs-test-for-and-handle-paths-that-are-unreachable-f.patch]
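
Review bot: the added Notes line "bwh> This eesmt o be dependent on having CAP_SYS_ADMIN in a user namespace (to" has a typo; "eesmt o be" should read "seems to be". Separately, the log message says there is now working code to reproduce the issue, but the hunk only drops the two "unable to reproduce" remarks and the race-condition guess, and keeps the hedged wording. Consider adding a line to Notes stating that the issue has been reproduced, and whether the CAP_SYS_ADMIN-in-a-user-namespace dependency is now confirmed or still presumed, since the "not relevant to older kernel versions" conclusion and the 2.6.32 N/A entry rest on it.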
