Upstream fix in "URL" mentions: > Trinity discovered that we fail to check all 64 bits of attr.config passed by user space, resulting to out-of-bounds access of the perf_swevent_enabled array in sw_perf_event_destroy(). RedHat bug in "See Also" mentions: > A local unprivileged user can use this flaw to increase their privileges on the system. Introduced in: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b0a873ebbf87bf38bf70b5e39a7cadc96099fa13 References: http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03652.html https://news.ycombinator.com/item?id=5703758 http://packetstormsecurity.com/files/121616/semtex.c
Fix is present in the following kernels: # git tag --contains 8176cced706b5e5d15887584150764894e94e02f v3.9 v3.9-rc8 v3.9.1 v3.9.2 # git tag --contains ff91fd5bc105f29a34755a6dd6d547c877b7d027 v3.8.10 v3.8.11 v3.8.12 v3.8.13 v3.8.9 # git tag --contains da307d100cd4979e353e8265d0691263aa2a0086 v3.4.42 v3.4.43 v3.4.44 v3.4.45 # git tag --contains 3fc8fc1cc2d585c1f695f7de914063258aafe50e v3.2.45 # git tag --contains 456edf57d7a6fe1b238ec708b19063d78cf4b250 v3.0.75 v3.0.76 v3.0.77 v3.0.78 Immediate actions which I will take for sys-kernel/gentoo-sources within minutes: - Removal of affected v3.0.74, v3.2.41, v3.2.42, v3.2.43, v3.2.44, v3.4.34, v3.4.41, v3.6.11-r1, v3.6.11-r2. - Addition of v3.2.45. Delayed actions which will be taken for sys-kernel/gentoo-sources: - Removal of v3.7.10, v3.7.10-r1 once v3.8.13 has been stabilized.
+ 14 May 2013; Tom Wijsman <TomWij@gentoo.org> ChangeLog + -gentoo-sources-3.0.74.ebuild, -gentoo-sources-3.2.41.ebuild, + -gentoo-sources-3.2.42.ebuild, -gentoo-sources-3.2.43.ebuild, + -gentoo-sources-3.2.44.ebuild, +gentoo-sources-3.2.45.ebuild, + -gentoo-sources-3.4.34.ebuild, -gentoo-sources-3.4.41.ebuild, + -gentoo-sources-3.6.11-r1.ebuild, -gentoo-sources-3.6.11-r2.ebuild, Metadata + Linux patch 3.2.45. Removal of affected versions 3.0.74, 3.2.41, 3.2.42, + 3.2.43, 3.2.44, 3.4.34, 3.4.41, 3.6.11-r1, 3.6.11-r2; see bug #469854.
+ 22 Jun 2013; Tom Wijsman <TomWij@gentoo.org> +gentoo-sources-3.7.10-r1.ebuild, + -gentoo-sources-3.7.10.ebuild, metadata.xml: + Revision bump. Applied security patch to 3.7.10 such that the root exploit is + no longer present on the remaining arches, which have not responded to + stabilization in a long time, directly to stable as the patches involved are + stable; as per the decision in bug #338739 comment 44.
All upstream LTS kernels are including the patch; All sys-kernel/gentoo-sources ebuilds excluding sys-kernel/gentoo-sources-3.4.x have stable ebuilds containing the fix. sys-kernel/gentoo-sources-3.4.x is currently being stabilized in bug 522930.
Unable to check for sanity: > no match for package: =sys-kernel/gentoo-sources-3.4.113
THe 3.X is no longer in tree. Closing Bug.