** Changed in: linux-lts-quantal (Ubuntu Precise)
Status: New => Invalid
** Changed in: linux (Ubuntu Wily)
Status: New => Fix Committed
** Changed in: linux-lts-raring (Ubuntu Precise)
Status: New => Invalid
** Changed in: linux-lts-saucy (Ubuntu Precise)
Status: New => Invalid
** Description changed:
While working on KernelThreadSanitizer (KTSAN), a data race detector for
kernels, Dmitry Vyukov found a data race that can trick the kernel into
using unitialized memory. - This can at least give access to arbitrary
SysV shared memory and Dmitry developed a proof of concept exploit for
this. (On many systems, this can be used to escalate privileges). -
While we didn't investigate this deeply, it is almost certain that this
vulnerability can be used to gain arbitrary code execution in the
kernel. Exercise left to the reader.
+
+ Break-Fix: - b9a532277938798b53178d5a66af6e2915cb27cf
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1502032
Title:
CVE-2015-7613
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1502032/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
