Hi All
I'm running 3.18.44-vs2.3.7.5-beng which is vulnerable to
CVE-2016-10229. I checked the code again the details in this link
http://ewen.mcneill.gen.nz/blog/entry/2017-04-17-cve-2016-10229-msg-peek/
A patch is mentioned
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=197c949e7798fbf28cfadc69d9ca0c2abbf93191
and I checked the source code and the issue is there.
I'm hoping that Ben can release patched kernel.
This is an issue for my systems as I do have systems running that use
the MSG_PEEK in udp services.
Thanks
MIke
Received on Mon May 1 02:43:11 2017