[CVE A/B] CVE-2018-11508 -- compat_get_timex information leak
Andy Whitcroft
apw at canonical.com
Fri Jun 8 14:29:06 UTC 2018
CVE-2018-11508:
The compat_get_timex function in kernel/compat.c in the
Linux kernel before 4.16.9 allows local users to obtain
sensitive information from kernel memory via adjtimex.
Following this email is a patch for bionic/linux and artful/linux. This
is a clean cherry-pick in both series. Earlier series are unaffected by
this issue.
Proposing for SRU to artful and bionic.
-apw
More information about the kernel-team
mailing list