github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-07-20 09:39:08 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #1622 from tych0/CVE-2016-10229

Browse Source 
security events: add writeup of CVE-2016-10229
This commit is contained in:
Justin Cormack 2017-04-14 00:19:34 +01:00 committed by GitHub
commit e17e4bf286
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
docs/security-events.md
View File

@ -9,5 +9,8 @@ The incomplete list below is an assessment of some CVEs, and LinuxKit's resilien
([exploit post](https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html)):
This CVE requires `CONFIG_N_HDLC={y|m}`, which LinuxKit does not specify, and so
is not vulnerable.
* [CVE-2016-10229](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10229)
This CVE only applies to kernels `<= 4.5, <= 4.4.21`. By using recent kernels
(specifically, kernels `=> 4.9, >= 4.4.21`, LinuxKit mitigates this bug.
### Bugs not mitigated: