[arch-security] Linux 3.14.3 (CVE-2014-0196)
Anatol Pomozov
anatol.pomozov at gmail.com
Mon May 12 11:41:00 EDT 2014
Hi
On Mon, May 12, 2014 at 8:36 AM, Pierre Schmitz <pierre at archlinux.de> wrote:
> Am 08.05.2014 12:16, schrieb Xan:
>
>> Hi,
>>
>> To everyone: this
>> [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0196]
>> affects us?
>>
>> Thanks,
>> Xan.
>
>
> Yes, here is a working exploit: (tested on 3.14.3-1-ARCH)
> http://www.openwall.com/lists/oss-security/2014/05/12/3
>
> I wonder why there is no new kernel release; seems pretty critical to me.
The fix is in the Linus tree (sha1=4291086b1f081b) and it is a green
light to include it into Arch package.
>
> Greetings,
>
> Pierre
>
> --
> Pierre Schmitz, https://pierre-schmitz.com
>
> _______________________________________________
> arch-security mailing list
> arch-security at archlinux.org
> https://mailman.archlinux.org/mailman/listinfo/arch-security
More information about the arch-security
mailing list