LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
Reload this Page Vulnerability in 4.9.x kernels
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 02-22-2017, 04:15 PM   #1
1337_powerslacker
Member
 
Registered: Nov 2009
Location: Kansas, USA
Distribution: Slackware64-15.0
Posts: 862
Blog Entries: 9

Rep: Reputation: 592Reputation: 592Reputation: 592Reputation: 592Reputation: 592Reputation: 592
Vulnerability in 4.9.x kernels

I was just made aware of a kernel vulnerability via Phoronix's article. Please note that the recently released 4.9.11 does not include this patch! I have included this patch so as to rapidly facilitate patching of the kernel.

Happy Slacking!

Regards,

Matt
Attached Files
File Type: txt kernel_patch.patch.txt (418 Bytes, 39 views)
 
Old 02-22-2017, 06:57 PM   #2
chris.willing
Member
 
Registered: Jun 2014
Location: Brisbane, Australia
Distribution: Slackware,LFS
Posts: 915

Rep: Reputation: 619Reputation: 619Reputation: 619Reputation: 619Reputation: 619Reputation: 619
Looking at the phoronix artcle and noting that CONFIG_IP_DCCP=m in my (stock standard) kernel configuration for 14.2, it seems there could only be a vulnerability if the relevant module (dccp) is loaded. I can load it manually but it wasn't loaded when I first checked. From that, I assume my system is not generally in any danger from this vulnerability. I wonder what usage scenario loads the dccp module?

BTW its presumably not just 4.9.x kernels that affected if the vulnerability was introduced in (at least) 2006.

chris
Last edited by chris.willing; 02-25-2017 at 05:01 PM. Reason: not jut 4.9.x kernels
 
4 members found this post helpful.
Old 02-25-2017, 12:27 PM   #3
alex14641
Member
 
Registered: Feb 2016
Distribution: Slackware64_14.2, Slackware 15.0, Slackware64_current
Posts: 322

Rep: Reputation: Disabled
The fix for this issue is in the upcoming 4.9/4.4 kernel releases.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
vulnerability scanning using NMAP on CVE-2014-0322 vulnerability,check vulnerable meeiyoke Linux - Security 2 06-06-2014 05:09 PM
vulnerability scanning using NMAP on CVE-2014-0322 vulnerability,check vulnerable . meeiyoke Linux - Newbie 1 06-06-2014 12:14 PM
linux kernels-2.6 local root vulnerability dolphin77 Slackware 4 08-19-2010 04:34 AM
backward compatibility in kernels + custom kernels + more queries mmp_3341 Linux - Kernel 1 04-12-2007 07:28 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 08:06 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration