FS#47831 - [linux-lts] CVE-2016-0728 isn't patched
Attached to Project:
Arch Linux
Opened by FiX (fix) - Wednesday, 20 January 2016, 12:16 GMT
Last edited by Andreas Radke (AndyRTR) - Wednesday, 20 January 2016, 17:33 GMT
Opened by FiX (fix) - Wednesday, 20 January 2016, 12:16 GMT
Last edited by Andreas Radke (AndyRTR) - Wednesday, 20 January 2016, 17:33 GMT
|
Details
It looks like CVE-2016-0728 is fixed in linux package but
not in linux-lts.
https://bugs.archlinux.org/task/47820 https://security-tracker.debian.org/tracker/CVE-2016-0728 More info on 0day: http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/ Exploit code from Perception Point: https://gist.github.com/PerceptionPointTeam/18b1e86d1c0f8531ff8 |
This task depends upon
Closed by Andreas Radke (AndyRTR)
Wednesday, 20 January 2016, 17:33 GMT
Reason for closing: Fixed
Additional comments about closing: 4.1.15-2
Wednesday, 20 January 2016, 17:33 GMT
Reason for closing: Fixed
Additional comments about closing: 4.1.15-2