oss-sec mailing list archives
[vs-plain] Linux kernel stack overflow via ecryptfs and /proc/$pid/environ
From: John Johansen <john.johansen () canonical com>
Date: Fri, 10 Jun 2016 14:46:23 -0700
This is a forward notification of a local priv escalation flaw from security () kernel org to the OSS security list. The CRD was for 2016-06-08 14:00:00 UTC. Patches attached to the email. The flaw in eCryptfs was assigned CVE-2016-1583. If backporting these patches to kernels pre 4.6 you may need to cherry-pick patch 6a480a7842545ec520a91730209ec0bae41694c1
Attachment:
2of3.patch
Description:
Attachment:
crasher.tar
Description:
Attachment:
1of3.patch
Description:
Attachment:
3of3.patch
Description:
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- [vs-plain] Linux kernel stack overflow via ecryptfs and /proc/$pid/environ John Johansen (Jun 10)
- Re: [vs-plain] Linux kernel stack overflow via ecryptfs and /proc/$pid/environ Willy Tarreau (Jun 10)
- Re: [vs-plain] Linux kernel stack overflow via ecryptfs and /proc/$pid/environ Solar Designer (Jun 22)