Mail archive

Re: [alpine-devel] CVE-2016-5195: Local privilege escalation exploit in Linux kernel

From: Timo Teras <>
Date: Fri, 21 Oct 2016 08:30:33 +0300


On Thu, 20 Oct 2016 21:53:03 -0700
"Kevin M. Gallagher" <> wrote:

> Details:
> Proof of concept:
> I'm using Alpine Linux for a time-urgent and security-critical project
> happening this weekend, and would really like to see this fixed.
> However, I'm not familiar with aports or the way you build kernels in
> Alpine. Is anyone available to update the kernel in linux-grsec in
> the 3.4-stable branch and/or backport the patch, sometime soon?

Depending on CVE extent we sometimes cherry-pick fixes. But this seems
bad enough that they released new upstream kernels with pretty much
nothing else than this fix. So we'll be upgrading to them shortly.


Received on Fri Oct 21 2016 - 08:30:33 GMT