Buggy CVE-2017-1000364 patches segfaulting embedded VMs

Moritz Bechler bechler at agno3.eu
Fri Jun 23 09:15:12 UTC 2017


Hi,

Not sure whether this is the right list for this, but just so that maybe
not everybody has to figure this out on his own:

The custom kernel patches currently deployed by various Linux
distributions (from the looks of it at least Red Hat, SUSE, Debian and
Ubuntu) for CVE-2017-1000364/Stack Clash contain a bug that causes the
VM initialization to SEGV (_expand_stack_to) if launched on the main
thread. This affects various embedded uses.

The upstream kernel patch seems to be fine; hopefully that will arrive
in the affected distributions shortly.

http://www.openwall.com/lists/oss-security/2017/06/22/6
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865549
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1699772
https://e2e.ti.com/support/development_tools/code_composer_studio/f/81/t/604567

regards

Moritz

-- 
AgNO3 GmbH & Co. KG, registered office Tübingen, Stuttgart District Court HRA 728731
Personally liable partner:
Metagesellschaft mbH, registered office Tübingen, Stuttgart District Court HRB 744820,
represented by Joachim Keltsch


More information about the core-libs-dev mailing list