[CVE-2011-0726] proc: protect mm start_code/end_code in /proc/pid/stat
Stefan Bader
stefan.bader at canonical.com
Tue Jun 21 12:26:37 UTC 2011
On 21.06.2011 11:35, Andy Whitcroft wrote:
> CVE-2011-0726
> ASLR leak in /proc/pid/stat for mm start_code
>
> This has hit Lucid and later via mainline/upstream stable. This needed
> for Hardy, Lucid/fsl-imx51, and Maverick/ti-omap4. Note that for Hardy
> an additional pre-requisite commit is required which also seems to fix
> a number of related ASLR leaks in the same file.
>
> Proposing for Hardy, Lucid/fsl-im51, and Maverick/ti-omap4.
>
> -apw
>
For other (non-Hardy) the patch looks reasonable and according to the descriptions.
Hardy (64bit) was tested running as dom0 and was behaving as expected. The
qa-regression tests passed and it was still possible to launch a domU.
Acked-by: Stefan Bader <stefan.bader at canonical.com>
More information about the kernel-team
mailing list