diff options
author | Sona Sarmadi <sona.sarmadi@enea.com> | 2017-09-22 11:17:33 +0200 |
---|---|---|
committer | Martin Borg <martin.borg@enea.com> | 2017-09-22 14:14:07 +0200 |
commit | 43b5db409353d4316a2aad7e426fd713a4c01491 (patch) | |
tree | b80e7968661d012650645844219eb6f74e465ff9 /recipes-kernel/linux/linux-cavium_4.9.inc | |
parent | 00c79cf926477f504e42be8b1c8ec074e671b955 (diff) | |
download | meta-enea-bsp-arm-43b5db409353d4316a2aad7e426fd713a4c01491.tar.gz |
linux-cavium: CVE-2017-1000364
Fixes an issue in the size of the stack guard page on Linux,
specifically a 4k stack guard page is not sufficiently large
and can be "jumped" over (the stack guard page is bypassed),
this affects Linux Kernel versions 4.11.5 and earlier.
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-1000364
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-1000364
https://blogs.oracle.com/wim/cve-2017-1000364
Upstream patch
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=v4.9.50&id=cfc0eb403816c5c4f9667d959de5e22789b5421e
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
Diffstat (limited to 'recipes-kernel/linux/linux-cavium_4.9.inc')
-rw-r--r-- | recipes-kernel/linux/linux-cavium_4.9.inc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/recipes-kernel/linux/linux-cavium_4.9.inc b/recipes-kernel/linux/linux-cavium_4.9.inc index 3a4eeb5..4508583 100644 --- a/recipes-kernel/linux/linux-cavium_4.9.inc +++ b/recipes-kernel/linux/linux-cavium_4.9.inc | |||
@@ -16,6 +16,7 @@ SRC_URI = "git://git@git.enea.com/linux/linux-cavium.git;protocol=ssh;name=machi | |||
16 | git://git@git.enea.com/linux/enea-kernel-cache.git;protocol=ssh;type=kmeta;name=metaenea;branch=${KENEABRANCH};destsuffix=enea-kernel-cache \ | 16 | git://git@git.enea.com/linux/enea-kernel-cache.git;protocol=ssh;type=kmeta;name=metaenea;branch=${KENEABRANCH};destsuffix=enea-kernel-cache \ |
17 | file://dts \ | 17 | file://dts \ |
18 | file://CVE-2017-7487.patch \ | 18 | file://CVE-2017-7487.patch \ |
19 | file://CVE-2017-1000364.patch \ | ||
19 | " | 20 | " |
20 | 21 | ||
21 | LINUX_KERNEL_TYPE = "tiny" | 22 | LINUX_KERNEL_TYPE = "tiny" |