[trusty/linux artful/linux] CVE-2018-5750 -- raw pointer in diagnostics

Andy Whitcroft apw at canonical.com
Tue May 29 14:45:20 UTC 2018


CVE-2018-5750:
	Wang Qize discovered that an information disclosure vulnerability
	existed in the SMBus driver for ACPI Embedded Controllers in the
	Linux kernel. A local attacker could use this to expose sensitive
	information (kernel pointer addresses).

Cherrypicked this simple fix back to artful and trusty.  Other series
have this via stable and upstream.

Proposing for SRU to trusty and artful.

-apw




More information about the kernel-team mailing list