[manjaro-security] [MSA-201601-1] linux: gain root access with keyring exploid
Philip Müller
philm at manjaro.org
Tue Jan 19 19:49:01 CET 2016
Am 19.01.2016 um 19:40 schrieb Philip Müller:
>
> Summary
> =======
>
> The package ntp before version 4.2.8.p5-1 is vulnerable to time alteration.
>
Correction: all current linux packages are affected by this issue:
core/linux310 3.10.94-1
core/linux312 3.12.52-1
core/linux313 3.13.11.32-1
core/linux314 3.14.58-1
core/linux316 3.16.7.22-1
core/linux318 3.18.25-1
core/linux319 3.19.8.12-1
core/linux41 4.1.15-1
core/linux42 4.2.8.1-1
core/linux43 4.3.3-3
core/linux44 4.4.0-2
The fix will be added with the upcoming kernel releases as this issue
needs local access to your PC and was available since 2012 ...
More information about the manjaro-security
mailing list