[SRU][Trusty][Zesty][PATCH 0/1] Fix for CVE-2017-14140
Kleber Sacilotto de Souza
kleber.souza at canonical.com
Thu Dec 7 11:56:45 UTC 2017
Only Trusty and Zesty are affected by CVE-2017-14140.
The backport for Zesty was needed to adjust for context. Trusty
doesn't have caaee6234d05a ("ptrace: use fsuid, fsgid, effective creds
for fs access checks") which adds the definition and the checks for
PTRACE_MODE_READ_REALCREDS, whoever checking for PTRACE_MODE_READ should
be enough.
Linus Torvalds (1):
Sanitize 'move_pages()' permission checks
mm/migrate.c | 11 +++--------
1 file changed, 3 insertions(+), 8 deletions(-)
--
2.14.1
More information about the kernel-team
mailing list