CoreELEC use Kernel 4.9.269 and the Dirty Pipe vulnerability was fixed with Kernel 4.9.303.
When can we expect a kernel update?
CoreELEC use Kernel 4.9.269 and the Dirty Pipe vulnerability was fixed with Kernel 4.9.303.
When can we expect a kernel update?
Over the night.
Nightly or stable?
Both by lib/iov_iter: initialize "flags" in new pipe_buffer · CoreELEC/linux-amlogic@c461a82 · GitHub
Just to make you aware:
Kernel 4.9 had the uninitialized flags, but weakness could not be exploited.
This only started with Kernel 5.8 and a certain commit.
see https://dirtypipe.cm4all.com/
So the backport of the fix is not critical.
This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.
About | FAQ | Terms of Service | Privacy Policy | Legal Notice