[PATCH 0/1][CVE-2016-0821][Trusty] include/linux/poison.h: fix LIST_POISON{1, 2} offset
Luis Henriques
luis.henriques at canonical.com
Mon Apr 18 14:04:42 UTC 2016
>From the CVE description:
The LIST_POISON feature in include/linux/poison.h in the Linux kernel
before 4.3, as used in Android 6.0.1 before 2016-03-01, does not properly
consider the relationship to the mmap_min_addr value, which makes it easier
for attackers to bypass a poison-pointer protection mechanism by triggering
the use of an uninitialized list entry, aka Android internal bug 26186802,
a different vulnerability than CVE-2015-3636.
Only Trusty is missing this CVE fix, all other kernels have it already
applied.
Vasily Kulikov (1):
include/linux/poison.h: fix LIST_POISON{1,2} offset
include/linux/poison.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
More information about the kernel-team
mailing list