Leo Famulari <l...@famulari.name> writes:

> This is a place to discuss the "stack crash" bugs as they apply to our
> packages.
>
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000366
> https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt

I pushed commit 91c623aae0f10992aa46957b9072679534e4cd28 which adds a kernel-side mitigation in the form of a larger stack guard gap (1 MiB) to linux-libre-4.11, 4.9, and 4.4. 4.1 is still vulnerable. So far I've been unable to find a backported patch for that kernel.

Mark