We have moved to a new Sailfish OS Forum. Please start new discussions there.

Revision history [back]

click to hide/show revision 1
initial version

posted 2017-04-26 12:00:28 +0200

fix use-after-free in sys_ioprio_get() in kernel critical CVE-2016-7911

Description

Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call.

This patch should fix it.

File affected: kernel-adaptation-sbj-3.4.108.20161101.1/fs/ioprio.c lines 145-152

fix use-after-free in sys_ioprio_get() in kernel critical CVE-2016-7911

Description

Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call.

CVSS v3 Base Score: 7.8 High

This patch should fix it.

File affected: kernel-adaptation-sbj-3.4.108.20161101.1/fs/ioprio.c lines 145-152