CVE-2017-1000364 Advisory

Joshua R. Poulson jrp at pun.org
Fri Jun 23 02:47:39 UTC 2017


We are definitely seeing customer applications affected by increased
stack size requirements, especially with jsvc. I am advising a minimum
setting of JSVC_EXTRA_OPTS to add "-Xss1280k"

Thanks, --jrp

On Thu, Jun 22, 2017 at 11:01 AM, Stefan Bader
<stefan.bader at canonical.com> wrote:
>
> Hi,
>
> We are investigating a possible regression for the recently released Ubuntu
> kernel versions provided on Monday, June 19th for CVE-2017-1000364 [1]. The
> regression experienced can be seen as an increased level of segmentation faults
> on the patched machines. We believe other major Linux distributions are also
> affected by this regression.
>
> Users of Ubuntu should evaluate their scenario and decide if upgrading to
> mitigate CVE-2017-1000364 is correct for their environment at this time.
>
> We will keep you updated and let you know once we have identified a workaround
> or resolution to this problem.
>
> Regards,
> The Canonical Kernel Team
>
> [1] - https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-1000364.html
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
>



More information about the kernel-team mailing list