github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-10-08 19:23:47 +00:00
Code Issues Projects Releases Wiki Activity
Files
d92e19f02079350aef5107c0fbd86bcbf4cd72dd
linuxkit/docs/security-events.md
Tycho Andersen 90c7047973 docs: add a blurb about CVE-2017-1000363 
As of the time of this patch, the CVE was not available yet in the mitre
db.

Signed-off-by: Tycho Andersen <tycho@docker.com>
2017-05-23 16:03:00 -06:00

821 B
Raw Blame History

LinuxKit Security Events

The incomplete list below is an assessment of some CVEs, and LinuxKit's resilience (or not) to them.

Bugs mitigated:

  • CVE-2017-1000363: This CVE requires CONFIG_PRINTER=y, so we are not vulnerable.
  • CVE-2017-2636 (exploit post): This CVE requires CONFIG_N_HDLC={y|m}, which LinuxKit does not specify, and so is not vulnerable.
  • CVE-2016-10229 This CVE only applies to kernels <= 4.5, <= 4.4.21. By using recent kernels (specifically, kernels => 4.9, >= 4.4.21, LinuxKit mitigates this bug.

Bugs not mitigated: