Revision history [back]
 | 1 | initial version | posted 2017-02-10 00:02:57 +0200  |
avoid setting up anonymous pages into file mapping in kernel CVE-2015-3288
This vulnerability (CVSS v3 Base Score: 7.8 High) has been fixed in kernel 3.4.111 on March 21st '16 but Jolla1-2.1.0 is still on kernel 3.4.108.20161101 and needs that patch to prevent local apps (from e.g. aptoide or apk_s/rpm_s from the web) from gaining root privileges.
| | 2 | No.2 Revision |
avoid setting up anonymous pages into file mapping in kernel CVE-2015-3288
This vulnerability (CVSS v3 Base Score: 7.8 High) has been fixed in kernel 3.4.111 on March 21st '16 but Jolla1-2.1.0 is still on kernel 3.4.108.20161101 and needs that patch to prevent local apps (from e.g. aptoide or apk_s/rpm_s from the web) from gaining root privileges.
edit 20170327: still not fixed in 2.1.0.10 ea
| | 3 | No.3 Revision |
avoid setting up anonymous pages into file mapping in kernel CVE-2015-3288
This vulnerability (CVSS v3 Base Score: 7.8 High) has been fixed in kernel 3.4.111 on March 21st '16 but Jolla1-2.1.0 is still on kernel 3.4.108.20161101 and needs that patch to prevent local apps (from e.g. aptoide or apk_s/rpm_s from the web) from gaining root privileges.
edit 20170327: still not fixed in 2.1.0.10 ea
edit 20170403: still not fixed in 2.1.0.11 ea