FS#55602 - [linux-hardened] [Security] arbitrary code execution (CVE-2017-1000251)
Attached to Project:
Community Packages
Opened by Levente Polyak (anthraxx) - Tuesday, 12 September 2017, 18:43 GMT
Last edited by Daniel Micay (thestinger) - Wednesday, 13 September 2017, 07:55 GMT
Opened by Levente Polyak (anthraxx) - Tuesday, 12 September 2017, 18:43 GMT
Last edited by Daniel Micay (thestinger) - Wednesday, 13 September 2017, 07:55 GMT
|
Details
Summary
======= The package linux-hardened is vulnerable to arbitrary code execution via CVE-2017-1000251. Guidance ======== The patch should be backported. Extremely likely this is a denial of service, but potentially code exec may be possible even with CONFIG_CC_STACKPROTECTOR. References ========== https://security.archlinux.org/AVG-395 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e860d2c904d1a9f38a24eb44c9f34b8f915a6ea3 https://www.armis.com/blueborne/ |
This task depends upon
Closed by Daniel Micay (thestinger)
Wednesday, 13 September 2017, 07:55 GMT
Reason for closing: Fixed
Additional comments about closing: 4.13.1.b
Wednesday, 13 September 2017, 07:55 GMT
Reason for closing: Fixed
Additional comments about closing: 4.13.1.b