Control: reassign -1 src:linux 4.9.2-2 Control: close -1 4.9.6-3 Control: severity -1 serious Control: tag -1 security
On Tue, 2017-02-07 at 11:14 -0500, Daniel Kahn Gillmor wrote: > On Tue 2017-02-07 10:49:39 -0500, Daniel Kahn Gillmor wrote: > > git clone https://0xacab.org/dkg/debian-bug-854421 > > cd debian-bug-854421 > > make > > interestingly, on at least one machine i try this on, getting it to > reproduce is very infrequent with plain "make", even with the 20 tries > on kernel version 4.9.2-2. It's much less likely to happen if there's only one CPU. > however, "make strace" seems to tickle the bug further, and makes it > much more likely to reproduce on 4.9.2-2, even though it's only one > try. > > with kernel 4.9.6-3 i haven't been able to reproduce it with either > "make" or "make strace". This is CVE-2017-5550, fixed by: https://git.kernel.org/linus/b9dc6f65bc5e232d1c05fe34b5daadc7e8bbf1fb Ben. -- Ben Hutchings One of the nice things about standards is that there are so many of them.
signature.asc
Description: This is a digitally signed message part