Le 12/08/2016 à 16:54, Greg Wooledge a écrit :
So the flaw appears to be in Linux kernels from 3.6 to 4.6 inclusive,
which includes Jessie (3.16) but not Wheezy (3.2) or earlier.
Why then is the sysctl present in the current Wheezy's 3.2 kernel ?
The patches which introduced the flawed feature were backported in
upstream 3.2.37 kernel.
<https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.37>
Debian regularly updates its kernels with more recent upstream releases
of the same series (here 3.2.x), although keeping the same version
(3.2.O) in the package name. The real version is currently 3.2.81.
