blob: a94da6eca54ad84f9e67f3bed4b1e9aeb061d5a5 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
Description: mm: enforce min addr even if capable() in expand_downwards()
References:
https://bugs.chromium.org/p/project-zero/issues/detail?id=1792
Notes:
bwh> This is effectively mitigated in stable branches that backported
bwh> the Stack Clash fixes without commit 32e4e6d5cbb0 "mm/mmap.c:
bwh> expand_downwards: don't require the gap if !vm_prev", as the
bwh> stack won't expand below stack_guard_gap. However Debian
bwh> security branches do include that commit.
Bugs:
upstream: released (5.0) [0a1d52994d440e21def1c2174932410b4f2a98a1]
4.19-upstream-stable: released (4.19.27) [de04d2973a62e4efb3de45e93bd46acd6d510e0a]
4.9-upstream-stable: released (4.9.162) [331fc4df776be3e5a88a1a9f08ef2f7e063ef1a9]
3.16-upstream-stable: released (3.16.66) [c90030281dc8b6a25ac8850e98e15877f80b8d66]
sid: released (4.19.28-1)
4.9-stretch-security: released (4.9.168-1)
3.16-jessie-security: released (3.16.64-1) [bugfix/all/mm-enforce-min-addr-even-if-capable-in-expand_downwa.patch]
|
