path: root/retired/CVE-2017-7889
Description: CONFIG_STRICT_DEVMEM does not prevent read/write of system RAM under 1MB
References:
 http://www.openwall.com/lists/oss-security/2017/04/16/4
Notes:
 bwh> This issue seems to include only read/write, as mmap is not
 bwh> covered by the commit referenced.  So I can't see a security
 bwh> benefit in fixing just this, although there is a *stability*
 bwh> benefit for newer versions with CONFIG_HARDENED_USERCOPY.
Bugs:
upstream: released (4.11-rc7) [a4866aa812518ed1a37d8ea0c881dc946409de94]
4.9-upstream-stable: released (4.9.24) [2c0ad235ac77f2fc2eee593bf06822cad772e0e2]
3.16-upstream-stable: released (3.16.46) [3cbd86d25eeb61e57cb3367fe302c271b0c70fb2]
3.2-upstream-stable: released (3.2.91) [b8f254aa17f720053054c4ecff3920973a83b9d6]
sid: released (4.9.25-1)
4.9-stretch-security: N/A "Fixed before branching point"
3.16-jessie-security: released (3.16.43-2+deb8u3) [bugfix/x86/mm-Tighten-x86-dev-mem-with-zeroing-reads.patch b/debian/patches/bugfix/x86/mm-Tighten-x86-dev-mem-with-zeroing-reads.patch]
3.2-wheezy-security: released (3.2.93-1)