~alpine/devel

4 3

[alpine-devel] CVE-2016-5195: Local privilege escalation exploit in Linux kernel

Kevin M. Gallagher
Details
Message ID
<CABXMHjXy0Su3Copu5hBOdq=dwt4ET9KJD3WE-_ca+niyEnxsTg@mail.gmail.com>
Sender timestamp
1477025583
DKIM signature
missing
Download raw message
Details:

http://dirtycow.ninja/
https://lkml.org/lkml/2016/10/19/860

Proof of concept:
https://github.com/dirtycow/dirtycow.github.io/blob/master/dirtyc0w.c

I'm using Alpine Linux for a time-urgent and security-critical project
happening this weekend, and would really like to see this fixed. However,
I'm not familiar with aports or the way you build kernels in Alpine. Is
anyone available to update the kernel in linux-grsec in the 3.4-stable
branch and/or backport the patch, sometime soon?

best,
Kevin
Kevin M. Gallagher
Details
Message ID
<CABXMHjXs_tmFApb=3MDK+-3HyNRyZ-AFSocLwog-wS0B9Qj63g@mail.gmail.com>
In-Reply-To
<20161021103807.707115f3@ncopa-desktop.copa.dup.pw> (view parent)
Sender timestamp
1477039832
DKIM signature
missing
Download raw message
Great to hear. Thanks a lot, Natanael!

On Fri, Oct 21, 2016 at 1:38 AM, Natanael Copa <ncopa@alpinelinux.org>
wrote:

> On Thu, 20 Oct 2016 21:53:03 -0700
> "Kevin M. Gallagher" <kevingallagher@gmail.com> wrote:
>
> > Details:
> >
> > http://dirtycow.ninja/
> > https://lkml.org/lkml/2016/10/19/860
> >
> > Proof of concept:
> > https://github.com/dirtycow/dirtycow.github.io/blob/master/dirtyc0w.c
> >
> > I'm using Alpine Linux for a time-urgent and security-critical project
> > happening this weekend, and would really like to see this fixed. However,
> > I'm not familiar with aports or the way you build kernels in Alpine. Is
> > anyone available to update the kernel in linux-grsec in the 3.4-stable
> > branch and/or backport the patch, sometime soon?
>
> Yes. Updated kernels will be available with an hour or two. At least
> for edge and v3.4.
>
> -nc
>
Kevin M. Gallagher
Details
Message ID
<CABXMHjWT-8PKAraRmZSvsEunNMGSXLsb4njaARXotM=fw4PnjA@mail.gmail.com>
In-Reply-To
<CABXMHjXs_tmFApb=3MDK+-3HyNRyZ-AFSocLwog-wS0B9Qj63g@mail.gmail.com> (view parent)
Sender timestamp
1477041820
DKIM signature
missing
Download raw message
I just tried to execute the proof-of-concept on Alpine, and it didn't work
(the file is supposed to be overwritten). No grsec messages logged, but I
figure maybe it's not effective under grsecurity for some reason. Still a
good idea to patch anyway...

On Fri, Oct 21, 2016 at 1:50 AM, Kevin M. Gallagher <
kevingallagher@gmail.com> wrote:

> Great to hear. Thanks a lot, Natanael!
>
> On Fri, Oct 21, 2016 at 1:38 AM, Natanael Copa <ncopa@alpinelinux.org>
> wrote:
>
>> On Thu, 20 Oct 2016 21:53:03 -0700
>> "Kevin M. Gallagher" <kevingallagher@gmail.com> wrote:
>>
>> > Details:
>> >
>> > http://dirtycow.ninja/
>> > https://lkml.org/lkml/2016/10/19/860
>> >
>> > Proof of concept:
>> > https://github.com/dirtycow/dirtycow.github.io/blob/master/dirtyc0w.c
>> >
>> > I'm using Alpine Linux for a time-urgent and security-critical project
>> > happening this weekend, and would really like to see this fixed.
>> However,
>> > I'm not familiar with aports or the way you build kernels in Alpine. Is
>> > anyone available to update the kernel in linux-grsec in the 3.4-stable
>> > branch and/or backport the patch, sometime soon?
>>
>> Yes. Updated kernels will be available with an hour or two. At least
>> for edge and v3.4.
>>
>> -nc
>>
>
>
Timo Teras
Details
Message ID
<20161021083033.2368d30b@vostro.util.wtbts.net>
In-Reply-To
<CABXMHjXy0Su3Copu5hBOdq=dwt4ET9KJD3WE-_ca+niyEnxsTg@mail.gmail.com> (view parent)
Sender timestamp
1477027833
DKIM signature
missing
Download raw message
Hi,

On Thu, 20 Oct 2016 21:53:03 -0700
"Kevin M. Gallagher" <kevingallagher@gmail.com> wrote:

> Details:
> 
> http://dirtycow.ninja/
> https://lkml.org/lkml/2016/10/19/860
> 
> Proof of concept:
> https://github.com/dirtycow/dirtycow.github.io/blob/master/dirtyc0w.c
> 
> I'm using Alpine Linux for a time-urgent and security-critical project
> happening this weekend, and would really like to see this fixed.
> However, I'm not familiar with aports or the way you build kernels in
> Alpine. Is anyone available to update the kernel in linux-grsec in
> the 3.4-stable branch and/or backport the patch, sometime soon?

Depending on CVE extent we sometimes cherry-pick fixes. But this seems
bad enough that they released new upstream kernels with pretty much
nothing else than this fix. So we'll be upgrading to them shortly.

Thanks.
Timo


---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---
Natanael Copa
Details
Message ID
<20161021103807.707115f3@ncopa-desktop.copa.dup.pw>
In-Reply-To
<CABXMHjXy0Su3Copu5hBOdq=dwt4ET9KJD3WE-_ca+niyEnxsTg@mail.gmail.com> (view parent)
Sender timestamp
1477039087
DKIM signature
missing
Download raw message
On Thu, 20 Oct 2016 21:53:03 -0700
"Kevin M. Gallagher" <kevingallagher@gmail.com> wrote:

> Details:
> 
> http://dirtycow.ninja/
> https://lkml.org/lkml/2016/10/19/860
> 
> Proof of concept:
> https://github.com/dirtycow/dirtycow.github.io/blob/master/dirtyc0w.c
> 
> I'm using Alpine Linux for a time-urgent and security-critical project
> happening this weekend, and would really like to see this fixed. However,
> I'm not familiar with aports or the way you build kernels in Alpine. Is
> anyone available to update the kernel in linux-grsec in the 3.4-stable
> branch and/or backport the patch, sometime soon?

Yes. Updated kernels will be available with an hour or two. At least
for edge and v3.4.

-nc


---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---