ACK: [v2] [CVE-2015-8944] [Trusty/Vivid/Xenial] [PATCH 0/1] /proc/iomem: only expose physical resource addresses to privileged users
Colin Ian King
colin.king at canonical.com
Fri Jun 9 12:59:15 UTC 2017
On 09/06/17 13:56, Brad Figg wrote:
> CVE-2015-8944
>
> In commit c4004b02f8e5b ("x86: remove the kernel code/data/bss resources
> from /proc/iomem") I was hoping to remove the phyiscal kernel address
> data from /proc/iomem entirely, but that had to be reverted because some
> system programs actually use it.
>
> This limits all the detailed resource information to properly
> credentialed users instead.
>
> Linus Torvalds (1):
> /proc/iomem: only expose physical resource addresses to privileged
> users
>
> kernel/resource.c | 13 +++++++++++--
> 1 file changed, 11 insertions(+), 2 deletions(-)
>
Clean cherry pick, looks OK to me. Thanks Brad
Acked-by: Colin Ian King <colin.king at canonical.com>
More information about the kernel-team
mailing list