[CVE-2016-3857] local privilege escalation under CONFIG_OABI_COMPAT

Luis Henriques luis.henriques at canonical.com
Fri Aug 26 09:22:55 UTC 2016

Initially I believed this CVE was Android-specific, but it actually
affects kernels with CONFIG_OABI_COMPAT enabled.  This means that Precise
kernels need this fix -- I've checked all other kernels and this config is
disabled (although this patch applies cleanly).

Dave Weinstein (1):
  arm: oabi compat: add missing access checks

 arch/arm/kernel/sys_oabi-compat.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

More information about the kernel-team mailing list