Re: CVE-2017-5754 - ETA?

To: debian-user@lists.debian.org
Subject: Re: CVE-2017-5754 - ETA?
From: Jack Dangler <tdldev@gmail.com>
Date: Fri, 12 Jan 2018 10:51:34 -0500
Message-id: <[🔎] bcc0ad86-4fe7-f387-6272-15c4d7866577@gmail.com>
In-reply-to: <[🔎] alpine.DEB.2.20.1801120956370.4931@localhost>
References: <[🔎] CA+AKB6H3bbKZueJO_jXcuG9WLnR4t-Laukvbe3Q9C8yx_g2Ehw@mail.gmail.com> <[🔎] 20180104204742.bx7yeejh2fesiept@qor.donarmstrong.com> <[🔎] 20180112132217.GA12433@cventin.lip.ens-lyon.fr> <[🔎] alpine.DEB.2.20.1801120956370.4931@localhost>


On 01/12/2018 10:00 AM, bw wrote:


On Fri, 12 Jan 2018, Vincent Lefevre wrote:

According to answers on

   https://security.stackexchange.com/questions/176624/how-do-i-check-if-kpti-is-enabled-on-linux/176654

linux-image-4.9.0-5-amd64 4.9.65-3+deb9u2 is still vulnerable as shown
below:

# dmesg | grep -i isolation

You should get either

[    0.000000] Kernel/User page tables isolation: enabled
or
[    0.000000] Kernel/User page tables isolation: disabled

Search with dmesg | less it's about two pages down for me,

$ uname -a
Linux debian 4.9.0-5-amd64 #1 SMP Debian 4.9.65-3+deb9u2 (2018-01-04)
x86_64 GNU/Linux

I tried this on my Ubu workstation and didnt get anything back...
$ dmesg | grep -i isolation
$
$ uname -a

Linux 4.10.0-40-generic #44~16.04.1-Ubuntu SMP Thu Nov 9 15:37:44 UTC2017 x86_64 x86_64 x86_64 GNU/Linux

Reply to:

Follow-Ups:
- Re: CVE-2017-5754 - ETA?
  - From: Roberto C. Sánchez <roberto@debian.org>

References:
- CVE-2017-5754 - ETA?
  - From: francis picabia <fpicabia@gmail.com>
- Re: CVE-2017-5754 - ETA?
  - From: Don Armstrong <don@debian.org>
- Re: CVE-2017-5754 - ETA?
  - From: Vincent Lefevre <vincent@vinc17.net>
- Re: CVE-2017-5754 - ETA?
  - From: bw <bwtnguy@yahoo.com>

Prev by Date: Re: Why was this package removed but apt?
Next by Date: Re: CVE-2017-5754 - ETA?
Previous by thread: Re: CVE-2017-5754 - ETA?
Next by thread: Re: CVE-2017-5754 - ETA?
Index(es):
- Date
- Thread