blob: 66f6fa15395aa3424350550e4106a2235698c0c5 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
Description: local information disclosure
References:
https://github.com/johnsonwangqize/cve-linux/blob/master/CVE-2018-5995.md
Notes:
bwh> The upstream fix was to obscure formatted pointer values by
bwh> default. This carries a high risk of regression so I don't
bwh> think it should be backported. A more targetted fix should
bwh> be possible.
carnil> 4.9 stretch-security marked as ignored for tracking given the
carnil> kernel log is restricted to root by default. But as 4.9.171
carnil> includes the fix the fix will land in a stretch point release
carnil> as well. So not retiring it yet to mark the fixed version
carnil> later on.
Bugs:
upstream: released (4.15-rc2) [ad67b74d2469d9b82aaa572d76474c95bc484d57]
4.19-upstream-stable: N/A "Fixed before branch point"
4.9-upstream-stable: released (4.9.171) [2c4ae3a694fabfc19b0fc6e65d530a7cdb542bda]
3.16-upstream-stable: released (3.16.67) [14c2d9209a135872def8508e3f19c74f0f3fee52]
sid: released (4.15.4-1)
4.19-buster-security: N/A "Fixed before branching point"
4.9-stretch-security: released (4.9.168-1+deb9u5) [bugfix/all/percpu-stop-printing-kernel-addresses.patch]
3.16-jessie-security: released (3.16.68-1)
|
