Buggy CVE-2017-1000364 patches segfaulting embedded VMs

Moritz Bechler bechler at agno3.eu
Fri Jun 23 09:15:12 UTC 2017


not sure whether this is the right list for this, but just so that maybe
not everybody has to figure this out on his own,

The custom kernel patches currently deployed by various Linux
distributions (from the looks of it at least RedHat, SUSE, Debian and
Ubuntu) for CVE-2017-1000364/Stack Clash contain a bug that causes the
VM initialization to SEGV ( _expandstack_to) if launched on the main
thread. This affects various embedded uses.

The upstream kernel patch seems to be fine, hopefully that will arrive
in the affected distributions shortly.




AgNO3 GmbH & Co. KG, Sitz Tübingen, Amtsgericht Stuttgart HRA 728731
Persönlich haftend:
Metagesellschaft mbH, Sitz Tübingen, Amtsgericht Stuttgart HRB 744820,
Vertreten durch Joachim Keltsch

More information about the core-libs-dev mailing list