[CVE-2016-6213][PATCH 0/1] mnt: Add a per mount namespace limit on the number of mounts

Luis Henriques luis.henriques at canonical.com
Wed Nov 16 12:10:01 UTC 2016


Following this email I'm sending the CVE-2016-6213 fix backports for trusty,
vivid, xenial and yakkety.  Most of the backport work was context adjustment.

I've also tested the trusty and xenial kernels using the suggested reproducer: I
was able to reproduce the crash, and verified that the patched kernels seem to
have the issue fixed.

Eric W. Biederman (1):
  mnt: Add a per mount namespace limit on the number of mounts

 Documentation/sysctl/fs.txt |  7 +++++++
 fs/mount.h                  |  2 ++
 fs/namespace.c              | 49 ++++++++++++++++++++++++++++++++++++++++++++-
 fs/pnode.c                  |  2 +-
 fs/pnode.h                  |  1 +
 include/linux/mount.h       |  2 ++
 kernel/sysctl.c             |  9 +++++++++
 7 files changed, 70 insertions(+), 2 deletions(-)





More information about the kernel-team mailing list