oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE-2016-5696: linux kernel - challange ack information leak.

From: Sona Sarmadi <sona.sarmadi () enea com>
Date: Tue, 16 Aug 2016 20:15:49 +0200


On 2016-08-15 09:53, Greg KH wrote:

On Mon, Aug 15, 2016 at 06:23:04AM +0000, Sona Sarmadi wrote:

This vulnerability is currently only fixed in mainline kernels (4.7 &
4.8). Does anyone know if there is any work ongoing to backport this
fix to the  older versions?

I just added the fix for this issue to the stable kernel queues and it will
show up in the next stable releases, in about 2 days after it passes all of
the needed review.

Hope this helps,

greg k-h

Great, thanks, this helps :)

You can _always_ just apply the patch to your local tree, there's never
a need to wait for me to get a kernel out.  That's the advantage of
having the source for your systems :)

Yes, we can do that but sometimes the patches for newer kernels don't
apply cleanly on older versions.
There is always a risk that our home grown patches have undesired side
effects. We prefer your sign of approval on patches for older kernels :)

Cheers
//Sona



thanks,

greg k-h
Previous By Date Next
Previous By Thread Next

Current thread: