ACK: [Zesty SRU 0/3] CVE-2017-1000370 and CVE-2017-1000371
Kleber Souza
kleber.souza at canonical.com
Mon Dec 11 16:03:03 UTC 2017
On 12/08/17 16:29, Thadeu Lima de Souza Cascardo wrote:
> The patches fix both CVEs. The partial revert is necessary not to break
> AddressSanitizer.
>
> Tested on i386 that the exploit here [1] affects Zesty and is fixed by this
> patchset.
>
> Also tested that a simple program compiled with -fsanitize=address still warns
> about a memory leak on amd64 with this patchset.
>
> [1] https://www.exploit-db.com/exploits/42273/
>
> Kees Cook (3):
>   binfmt_elf: use ELF_ET_DYN_BASE only for PIE
>   arm64: move ELF_ET_DYN_BASE to 4GB / 4MB
>   mm: revert x86_64 and arm64 ELF_ET_DYN_BASE base changes
>
>  arch/arm64/include/asm/elf.h | 12 ++++-----
>  arch/x86/include/asm/elf.h   | 13 +++++-----
>  fs/binfmt_elf.c              | 59 ++++++++++++++++++++++++++++++++++++++------
>  3 files changed, 64 insertions(+), 20 deletions(-)
>
Clean cherry-picks and it includes all the follow-up fixes from upstream.
Acked-by: Kleber Sacilotto de Souza <kleber.souza at canonical.com>