FS#47820 : [linux] CVE-2016-0728 not patched

FS#47820 - [linux] CVE-2016-0728 not patched

Attached to Project: Arch Linux
Opened by Hubert Jarosz (Marqin) - Tuesday, 19 January 2016, 20:40 GMT
Last edited by Tobias Powalowski (tpowa) - Wednesday, 20 January 2016, 07:00 GMT

Task Type	Bug Report
Category	Security
Status	Closed
Assigned To	Tobias Powalowski (tpowa) Thomas Bächler (brain0)
Architecture	All
Severity	Critical
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	10 Patrick Houle (Buddlespit) (2016-01-20) Christian Hesse (eworm) (2016-01-20) Squiz (Squiz) (2016-01-20) M.Reynolds (TheChickenMan) (2016-01-20) Chih-Hsuan Yen (yan12125) (2016-01-20) Arup Roy Chowdhury (Arup) (2016-01-20) flacs (Tilka) (2016-01-20) Carlos Silva (r3pek) (2016-01-20) Darek (blablo) (2016-01-19) Hubert Jarosz (Marqin) (2016-01-19)
Private	No

Details

There had been found 0day in Linux Kernel 3.8+. Other distros have it already patched.

https://security-tracker.debian.org/tracker/CVE-2016-0728
More info on 0day: http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/
Exploit code from Perception Point: https://gist.github.com/PerceptionPointTeam/18b1e86d1c0f8531ff8f

This task depends upon

Closed by Tobias Powalowski (tpowa)
Wednesday, 20 January 2016, 07:00 GMT
Reason for closing: Fixed
Additional comments about closing: 4.3.3-3 4.4-4

Comment by Carlos Silva (r3pek) - Wednesday, 20 January 2016, 01:14 GMT

Commit that fixes the problem

https://github.com/torvalds/linux/commit/23567fd052a9abb6d67fe8e7a9ccdd9800a540f2

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#47820 - [linux] CVE-2016-0728 not patched

Details

Loading...