** Information type changed from Private Security to Public Security
** Changed in: linux (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1421864
Title:
CVE-2015-1593 Linux ASLR integer overflow
Status in linux package in Ubuntu:
Confirmed
Bug description:
someone on irc was raging why ubuntu didnt already fix this issue:
http://hmarco.org/bugs/linux-ASLR-integer-overflow.html
so i found out there was just given a cve for that http://seclists.org
/oss-sec/2015/q1/550 CVE-2015-1593
the patch is included in the description of this overflow:
http://hmarco.org/bugs/patches/fix_randomize_stack_top_properly_linux_3-17.1.patch
i didnt test the patch, but i would like that to be fixed :)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1421864/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
