NACK: [trusty][PATCH 0/1] Fix for CVE-2018-5344
Kleber Souza
kleber.souza at canonical.com
Wed Feb 28 10:01:01 UTC 2018
On 01/31/18 17:47, Benjamin M Romer wrote:
> CVE-2018-5344:
>
> In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles
> lo_release serialization, which allows attackers to cause a denial of
> service (__lock_acquire use-after-free) or possibly have unspecified
> other impact.
>
> Linus Torvalds (1):
> loop: fix concurrent lo_open/lo_release
>
> drivers/block/loop.c | 10 ++++++++--
> 1 file changed, 8 insertions(+), 2 deletions(-)
>
This fix has already been applied to Trusty and was released on
3.13.0-142.191.
Thanks,
Kleber
More information about the kernel-team
mailing list