FS#38737 - [linux] Vulnerability in x32 ABI for 64-bit mode may allow privilege escalation (CVE-2014-0038)

Attached to Project: Arch Linux
Opened by . (Thralas) - Thursday, 30 January 2014, 23:37 GMT
Last edited by Allan McRae (Allan) - Friday, 31 January 2014, 13:20 GMT
Task Type Bug Report
Category Security
Status Closed
Assigned To No-one
Architecture x86_64
Severity Critical
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No

Details

Linux v3.4+ is reportedly vulnerable to an undisclosed vulnerability in the X32 ABI, which should allow for local privilege escalation (CVE-2014-0038).

This likely affects all current kernel packages (normal/lts in stable/testing).

Discovered and patched by the PaX Team; refer to [1][2]. The patch is contained in [3]; I could not find an upstream fix or a separate patch.

[1]: https://twitter.com/grsecurity/status/429012138963636224
[2]: https://grsecurity.net/changelog-test.txt
[3]: https://grsecurity.net/test/grsecurity-3.0-3.13.1-201401301657.patch

Closed by  Allan McRae (Allan)
Friday, 31 January 2014, 13:20 GMT
Reason for closing:  Fixed
Additional comments about closing:  linux-3.13.1-2, linux-3.12.9-2
Comment by Allan McRae (Allan) - Friday, 31 January 2014, 01:38 GMT

Comment by Bartłomiej Piotrowski (Barthalion) - Friday, 31 January 2014, 12:30 GMT
How is it directly related to our packages? We do not support x32 as native architecture or in [multilib].
Comment by Allan McRae (Allan) - Friday, 31 January 2014, 13:00 GMT
Although the title of the CVE suggests only CONFIG_X86_X32=y is required, it actually requires CONFIG_X86_X32_ABI which is additionally enabled at build time if ld can build x32 executables. So I'd agree we are fine.

Comment by Allan McRae (Allan) - Friday, 31 January 2014, 13:20 GMT
And I am wrong.... --disable-multilib does not remove ld support for x32. Fixed linux packages are in the repos.
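
A triage check for the condition discussed in the comments above, as an added example that is not part of the original thread or of the Arch or kernel sources: it reads a kernel release string and a kernel config file and reports whether the x32 option is set on a v3.4+ kernel. The function names, result tokens, the `--running` switch and the use of /proc/config.gz are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the tracker): triage a kernel for the x32 condition
# discussed for CVE-2014-0038. All names below are this example's own.

# kernel_at_least RELEASE MAJOR MINOR -> exit 0 if RELEASE >= MAJOR.MINOR
kernel_at_least() {
    rel=${1%%[!0-9.]*}                  # "3.13.1-2-ARCH" -> "3.13.1"
    case $rel in *.*) ;; *) rel="$rel.0" ;; esac
    major=${rel%%.*}
    rest=${rel#*.}
    minor=${rest%%.*}
    [ "$major" -gt "$2" ] || { [ "$major" -eq "$2" ] && [ "$minor" -ge "$3" ]; }
}

# x32_exposure RELEASE CONFIG_FILE -> prints one token:
#   pre-3.4    kernel older than the affected range stated in the report
#   no-config  config file missing or unreadable (exit status 2)
#   x32-off    x32 option not set in the config
#   x32-on     x32 option set: confirm a fixed package is installed
x32_exposure() {
    if ! kernel_at_least "$1" 3 4; then
        echo pre-3.4; return 0
    fi
    [ -r "$2" ] || { echo no-config; return 2; }
    case $2 in
        *.gz) reader="gzip -dc" ;;      # e.g. /proc/config.gz
        *)    reader=cat ;;             # a plain-text config file
    esac
    # Match either symbol named in the thread. "# CONFIG_X86_X32 is not set"
    # lines do not match because of the ^ anchor.
    if $reader "$2" | grep -Eq '^CONFIG_X86_X32(_ABI)?=y$'; then
        echo x32-on
    else
        echo x32-off
    fi
}

# Check the running kernel only when asked (assumes /proc/config.gz exists).
if [ "${1:-}" = "--running" ]; then
    x32_exposure "$(uname -r)" /proc/config.gz
fi
```

A result of `x32-on` only says the x32 option was requested at configure time; as the comments note, whether the ABI was actually built in depended on the toolchain, so treat it as a prompt to confirm that the installed package is one of the fixed builds named in the closing note.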
