[CVE-2015-8944] [Trusty/Vivid/Xenial] [PATCH 0/1] /proc/iomem: only expose physical resource addresses to privileged users

Brad Figg brad.figg at canonical.com
Fri Jun 9 09:35:46 UTC 2017


CVE-2015-8944

In commit c4004b02f8e5b ("x86: remove the kernel code/data/bss resources
from /proc/iomem") I was hoping to remove the phyiscal kernel address
data from /proc/iomem entirely, but that had to be reverted because some
system programs actually use it.

This limits all the detailed resource information to properly
credentialed users instead.

Linus Torvalds (1):
  /proc/iomem: only expose physical resource addresses to privileged
    users

 kernel/resource.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

-- 
2.7.4




More information about the kernel-team mailing list