-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2015/4/1 22:24, mancha security wrote: > On Mon, Mar 30, 2015 at 02:25:24AM +0100, Ben Hutchings wrote: >> On Sun, 2015-03-29 at 14:58 +0000, mancha security wrote: >>> Hi Greg et al. >>> >>> Many DRAM modules are susceptible to disturbance errors as outlined >>> by Kim et al. in June of last year [1]. More recently, a methodology >>> to exploit these memory cell interactions to escalate privileges on >>> Linux was made public by Google's Project Zero [2]. >>> >>> One attack vector detailed in their methodology uses information >>> gleaned from virtual page - frame maps. As a hardening/mitigation >>> response, ab676b7d6fbf [3] restricts access to /proc/*/pagemap to >>> privileged userspace. >>> >>> I noticed 3.14.37 was the only LT kernel to receive a backport of >>> this mitigation. Attached please find a backport for use on 3.10.y >>> (candidate for inclusion in 3.10.74). >>> >>> 3.12.y and 3.18.y can probably use [3] pretty much directly while >>> 3.2.y and 3.4.y can likely use my patch with a little offset TLC. >> >> This backport seems to work for 3.2, thanks. >> >> Ben. > > Great to hear. > > At this point, seems only 3.4.y and 3.10.y are missing (both can use my > backport). > Queued up for 3.4. Thanks! -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlUl0NkACgkQWyV2+h1UztO4DACfVyfyksm08JBBdK1BZNvOe5Q+ iVcAn3dazolDqNGi7cgIIEGhVFWhbamf =6C1n -----END PGP SIGNATURE----- -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html