dirtycow
Arkadiusz Miśkiewicz
arekm at maven.pl
Tue Oct 25 12:55:42 CEST 2016
On Tuesday 25 of October 2016, Elan Ruusamäe wrote:
> what's the status of pld-th kernels? which versions are patched? which
> versions are upstream fixed?
>
> Dirty COW (CVE-2016-5195) is a privilege escalation vulnerability in the
> Linux Kernel
>
> https://dirtycow.ninja/
>
> - 4.4 branch https://github.com/pld-linux/kernel/tree/LINUX_4_4 - 4.4.27
> - updated 3 days ago - likely patched?
fixed versions are >= 4.4.26 ; see commit log
> - 3.18 branch https://github.com/pld-linux/kernel/tree/LINUX_3_18 -
> 3.18.43 - updated 11 days ago - not patched?
3.18.44+ has fix
4.8.3+ has fix
4.7 is EOL at upstream
> https://www.pld-linux.org/packages/kernel
>
> seems 4.4 lacks vserver support?
Yes, 4.1 series is latest one for vserver (>= 4.1.34-2 has dirtycow fix)
--
Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )
More information about the pld-devel-en
mailing list