On 10/28/2016 11:39 AM, yanosz wrote:
1. I'm unhappy with the state of OpenWRT at the moment. I see some trouble in building and releasing. The current code base has some bugs. I'ven't seen a fix for "mad cow" yet. For me it is hard to estimate whether OpenWRT is able to include, build and release critical patches over the next months in a timely fashion.
My impression is that CVE-2016-5195 (also known by it's marketing name for low-intellect individuals as "dirty COW") is mostly a non-issue on OpenWRT/LEDE. This is why you have not heard much about a response for it.
The exploit is a privilege escalation. However, almost everything on a standard LEDE/OpenWRT system already runs as root anyway, since these kinds of systems are not designed for multi-user scenarios.
Conversely, this exploit is a huge deal on Android for the very same reason it's a non-issue on LEDE/OpenWRT.
_______________________________________________ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
