From: Mark H Weaver
Subject: bug#27429: Stack clash (CVE-2017-1000366 etc)
Date: Mon, 19 Jun 2017 23:31:38 -0400
Message-ID: <87efuf8hd1.fsf@netris.org>
In-Reply-To: <20170619222550.GA29289@jasmine.lan> (Leo Famulari's message of "Mon, 19 Jun 2017 18:25:50 -0400")
To: Leo Famulari
Cc: 27429@debbugs.gnu.org

Leo Famulari writes:

> This is a place to discuss the "stack crash" bugs as they apply to our
> packages.
>
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000366
> https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt

I pushed commit 91c623aae0f10992aa46957b9072679534e4cd28 which adds a
kernel-side mitigation in the form of a larger stack guard gap (1 MiB)
to linux-libre-4.11, 4.9, and 4.4.

4.1 is still vulnerable. So far I've been unable to find a backported
patch for that kernel.

      Mark