[kernel-sec-discuss] r5038 - active
Ben Hutchings
benh at moszumanska.debian.org
Tue Mar 7 00:55:09 UTC 2017
Author: benh
Date: 2017-03-07 00:55:09 +0000 (Tue, 07 Mar 2017)
New Revision: 5038
Modified:
active/CVE-2015-8709
Log:
Note some upstream commits related to CVE-2015-8709
Modified: active/CVE-2015-8709
===================================================================
--- active/CVE-2015-8709 2017-03-07 00:54:45 UTC (rev 5037)
+++ active/CVE-2015-8709 2017-03-07 00:55:09 UTC (rev 5038)
@@ -9,6 +9,11 @@
bwh> Dependencies:
bwh> 3dfb7d8cdbc7 security: let security modules use PTRACE_MODE_* with bitmasks
bwh> caaee6234d05 ptrace: use fsuid, fsgid, effective creds for fs access checks
+ bwh> Related:
+ bwh> 64b875f7ac8a ptrace: Capture the ptracer's creds not PT_PTRACE_CAP
+ bwh> 84d77d3f06e7 ptrace: Don't allow accessing an undumpable mm
+ bwh> f84df2a6f268 exec: Ensure mm->user_ns contains the execed files
+ bwh> 613cc2b6f272 fs: exec: apply CLOEXEC before changing dumpable task flags
Bugs:
upstream: released (4.10-rc1) [bfedb589252c01fa505ac9f6f2a3d5d68d707ef4]
4.9-upstream-stable: released (4.9.1) [694a95fa6dae4991f16cda333d897ea063021fed]
More information about the kernel-sec-discuss
mailing list