| nnyby | is a dirtypipe fix expected for ubuntu 18.04 and 20.04 soon? | 16:40 |
|---|---|---|
| sarnold | nnyby: the flaw depends upon two mistakes, only one of which existed in those releases; that one flaw will be addressed in next standard release, see the Notes at the end of https://ubuntu.com/security/CVE-2022-0847 or the knowledgebase article https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/DirtyPipe | 16:45 |
| ubottu | A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the syste... <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0847> | 16:45 |
| nnyby | sarnold: thank you | 16:46 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!