FS#53242 - [linux] [linux-zen] [linux-lts] [linux-grsec] privilege escalation (CVE-2017-2636)
Attached to Project:
Arch Linux
Opened by Christian Rebischke (Shibumi) - Friday, 10 March 2017, 20:40 GMT
Last edited by Andreas Radke (AndyRTR) - Monday, 13 March 2017, 17:56 GMT
Opened by Christian Rebischke (Shibumi) - Friday, 10 March 2017, 20:40 GMT
Last edited by Andreas Radke (AndyRTR) - Monday, 13 March 2017, 17:56 GMT
|
Details
Summary
======= The package linux is vulnerable to privilege escalation via CVE-2017-2636. Guidance ======== There are different ways to fix this issue: 1. Applying the patch 2. Workaround via: # echo "install n_hdlc /bin/true" >> /etc/modprobe.d/disable-n_hdlc.conf References ========== https://security.archlinux.org/AVG-192 http://seclists.org/oss-sec/2017/q1/569 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=be10eb7589337e5defbe214dae038a53dd21add8 |
This task depends upon
Upstream fix in tree is: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=82f2341c94d270421f383641b7cd670e474db56b