We have moved to a new Sailfish OS Forum. Please start new discussions there.

Revision history [back]

click to hide/show revision 1
initial version

posted 2017-08-24 09:23:38 +0200

lpr gravatar image

Fix crash when attempt to garbage collect an uninstantiated keyring in kernel-security-KEYS CVE-2015-7872

The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.

Patch for Kernel-3.4 available.

file affected: kernel-adaptation-sbj-3.4.108.20161101.1/security/keys/gc.c lines 174-178

Copyright © Jolla Ltd. 2013-2019. All rights reserved.
about | faq | help | privacy policy | terms of service | give feedback
Powered by Askbot version 0.7.49