github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-11-04 13:36:56 +00:00
Code Issues Projects Releases Wiki Activity
Files
1748a69f2ac67e1910c9fbcd60fc24d2db23ae89
linuxkit/docs/security-events.md
Tycho Andersen d92560402d security events: add writeup of CVE-2016-10229 
Signed-off-by: Tycho Andersen <tycho@docker.com>
2017-04-13 10:15:33 -06:00

17 lines
675 B
Markdown
Raw Blame History

# LinuxKit Security Events
The incomplete list below is an assessment of some CVEs, and LinuxKit's resilience
(or not) to them.
### Bugs mitigated:
* [CVE-2017-2636](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2636)
([exploit post](https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html)):
This CVE requires `CONFIG_N_HDLC={y|m}`, which LinuxKit does not specify, and so
is not vulnerable.
* [CVE-2016-10229](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10229)
This CVE only applies to kernels `<= 4.5, <= 4.4.21`. By using recent kernels
(specifically, kernels `=> 4.9, >= 4.4.21`, LinuxKit mitigates this bug.
### Bugs not mitigated:
Reference in New Issue View Git Blame Copy Permalink