ACK: [SRU][Trusty][Zesty][PATCH 0/1] Fix for CVE-2017-14140
Khaled Elmously
khalid.elmously at canonical.com
Fri Jan 26 18:55:12 UTC 2018
On 2017-12-07 12:56:45 , Kleber Sacilotto de Souza wrote:
> Only Trusty and Zesty are affected by CVE-2017-14140.
>
> The backport for Zesty was needed to adjust for context. Trusty
> doesn't have caaee6234d05a ("ptrace: use fsuid, fsgid, effective creds
> for fs access checks") which adds the definition and the checks for
> PTRACE_MODE_READ_REALCREDS, whoever checking for PTRACE_MODE_READ should
> be enough.
>
> Linus Torvalds (1):
> Sanitize 'move_pages()' permission checks
>
> mm/migrate.c | 11 +++--------
> 1 file changed, 3 insertions(+), 8 deletions(-)
>
Acked-by: Khalid Elmously <khalid.elmously at canonical.com>
More information about the kernel-team
mailing list