We have moved to a new Sailfish OS Forum. Please start new discussions there.

Revision history [back]

click to hide/show revision 1
initial version

posted 2017-08-24 09:32:37 +0200

avoid use-after-free in ep_remove_wait_queue in kernel-net-unix CVE-2013-7446

Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.

Patch for kernel-3.4 available.

files affected: kernel-adaptation-sbj-3.4.108.20161101.1/include/net/af_unix.h lines 59-64 kernel-adaptation-sbj-3.4.108.20161101.1/net/unix/af_unix.c lines 306 following...

avoid use-after-free in ep_remove_wait_queue in kernel-net-unix CVE-2013-7446

Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.

Patch for kernel-3.4 available.

files affected: kernel-adaptation-sbj-3.4.108.20161101.1/include/net/af_unix.h lines 59-64 kernel-adaptation-sbj-3.4.108.20161101.1/net/unix/af_unix.c lines 306 following...