Bug#823603: linux: [Local root exploit] Use after free via double-fdput in bpf
Hi,
On Fri, May 06, 2016 at 01:06:42PM +0100, mike_b@tutanota.com wrote:
> Dear Maintainer,
>
> A local root privilege escalation exploit (no CVE currently available) for
> Linux >=4.4 was reported in:
>
> https://bugs.chromium.org/p/project-zero/issues/detail?id=808
>
> As far as I can tell, the bug does not yet appear in the Debian Security
> Tracker.
>
> -----
>
> The upstream fix can be found in that same link, or more directly at:
>
> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8358b02bf67d3a5d8a825070e1aa73f25fb2e4c7
>
> Other relevant links:
>
> https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-NNN1.html
This is pending in the packaging repository as
https://anonscm.debian.org/cgit/kernel/linux.git/commit/?h=sid&id=405645d78889b5effdcfbcc0d9ef6ba75a3ac40d
Regards,
Salvatore
Reply to: