Kernel RCE: CVE-2019-8912

HulaHoop February 21, 2019, 8:26pm 1

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9060cb719e61b685ec0102574e10337fa5f445ea

https://nvd.nist.gov/vuln/detail/CVE-2019-8912

TL;DR

Kernel RCE exploitable over network without any authentication. All versions affected.

Debian fix status tracking:
https://security-tracker.debian.org/tracker/CVE-2019-8912

Once a fix lands in stable we should make a new release.

1 Like

HulaHoop February 28, 2019, 7:33pm 2

Update:

We’re safe for now

[stretch] - linux (Vulnerable code introduced later)
[jessie] - linux (Vulnerable code introduced later)

1 Like

By using this website, you acknowledge you have read, understood, and agree to be bound by these these agreements: Terms of Service, and Privacy Policy, Cookie Policy, E-Sign Consent DMCA Imprint

/* Here is room for styles for when Javascript is deactivated */ .topic-body { float: none; }