[Secure-testing-commits] r57567 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Nov 11 21:38:34 UTC 2017
Author: carnil
Date: 2017-11-11 21:38:34 +0000 (Sat, 11 Nov 2017)
New Revision: 57567
Modified:
data/CVE/list
Log:
CVE-2016-2779: add information on workaround
Not a real solution but still add as reference to the respective CVE
entry.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-11 21:26:03 UTC (rev 57566)
+++ data/CVE/list 2017-11-11 21:38:34 UTC (rev 57567)
@@ -70676,11 +70676,13 @@
- util-linux <unfixed> (bug #815922)
[stretch] - util-linux <no-dsa> (Minor issue)
[jessie] - util-linux <no-dsa> (Minor issue)
- NOTE: Restricting ioctl on the kernel side seems the better approach, patches have been posted to kernel-hardening list
[wheezy] - util-linux <not-affected> (runuser[.c] not yet present)
[squeeze] - util-linux <not-affected> (runuser[.c] not yet present)
+ NOTE: Restricting ioctl on the kernel side seems the better approach, patches have been posted to kernel-hardening list
NOTE: http://www.openwall.com/lists/oss-security/2016/02/27/1
NOTE: https://marc.info/?l=util-linux-ng&m=145694736107128&w=2
+ NOTE: Upstream libseccomp based workaround:
+ NOTE: https://github.com/karelzak/util-linux/commit/8e4925016875c6a4f2ab4f833ba66f0fc57396a2
CVE-2016-XXXX [Partial SMAP bypass on 64-bit Linux kernels]
- linux 4.4.4-1
[jessie] - linux 3.16.7-ckt25-2+deb8u1
More information about the Secure-testing-commits
mailing list