ACK: [SRU][Trusty][Zesty][PATCH 0/1] Fix for CVE-2017-14140
Stefan Bader
stefan.bader at canonical.com
Tue Dec 12 09:48:04 UTC 2017
On 07.12.2017 11:56, Kleber Sacilotto de Souza wrote:
> Only Trusty and Zesty are affected by CVE-2017-14140.
>
> The backport for Zesty was needed to adjust for context. Trusty
> doesn't have caaee6234d05a ("ptrace: use fsuid, fsgid, effective creds
> for fs access checks") which adds the definition and the checks for
> PTRACE_MODE_READ_REALCREDS, whoever checking for PTRACE_MODE_READ should
> be enough.
>
> Linus Torvalds (1):
> Sanitize 'move_pages()' permission checks
>
> mm/migrate.c | 11 +++--------
> 1 file changed, 3 insertions(+), 8 deletions(-)
>
Acked-by: Stefan Bader <stefan.bader at canonical.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20171212/14a736e5/attachment.sig>
More information about the kernel-team
mailing list