Kernel: CVE-2016-5195
Closed, Resolved (Public)

Description

There is a kernel privilege escalation bug that has been identified in many kernels. Not sure if the current release of VyOS is vulnerable. Can someone check? Thanks.

You can see more here:

https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3

and here:

http://dirtycow.ninja/

Details

Difficulty level
Normal (likely a few hours)
Version
-
motoak created this task. Oct 21 2016, 4:16 AM
motoak updated the task description.
syncer lowered the priority of this task from Unbreak Now! to High. Nov 5 2016, 12:21 PM
syncer assigned this task to dmbaturin.
syncer added a project: VyOS 1.1.x.
syncer added subscribers: VyOS 1.1.x, syncer.

We should include the fix in 1.1.8.

syncer changed the edit policy from "Public (No Login Required)" to "Custom Policy". Aug 21 2017, 2:35 AM
syncer edited projects, added VyOS 1.1.x (1.1.8); removed VyOS 1.1.x.
syncer set Version to -.
syncer reassigned this task from dmbaturin to higebu.
syncer added a project: VyOS 1.2.x.
syncer edited subscribers, added: Maintainers; removed: syncer, VyOS 1.1.x.
syncer added a subscriber: dmbaturin.

Another CVE considered for 1.1.8

c-po added a subscriber: c-po. Mon, Aug 28, 12:25 PM

Fixed in Kernel 4.4.26. VyOS 1.2.x (development) uses 4.4.47.

syncer moved this task from Need Triage to In Progress on the VyOS 1.2.x board. Mon, Aug 28, 12:34 PM
c-po added a comment. Sun, Sep 3, 9:17 AM

The VyOS 1.2.x tag should be removed as the CVE is already fixed.

syncer moved this task from In Progress to Finished on the VyOS 1.2.x board. Sun, Sep 3, 11:52 AM

Just added a Finished board for the 1.2.x project.
We will likely keep everything there before including it in some milestone release.

UnicronNL added subscribers: syncer, UnicronNL.

@syncer can we close this task? See @higebu's fix.

syncer closed this task as Resolved. Wed, Sep 6, 1:46 PM
syncer moved this task from In Progress to Finished on the VyOS 1.1.x (1.1.8) board.

Resolving this and moving to finished.