Tiny Core Base > TCB Bugs

DirtyPipe Vulnerability

(1/2) > >>

quest:
With TinyCore Linux extensively utilizing read-only filesystems, I wonder what impact the recently announced DirtyPipe vulnerability in the Linux kernel will have on it.

More info here: https://lwn.net/Articles/887056/

Will there by updates to TinyCore for patched versions of the kernel? Only for 13.x or will prior versions be covered too?

gadget42:
https://arstechnica.com/information-technology/2022/03/linux-has-been-bitten-by-its-most-high-severity-vulnerability-in-years/

sharing is caring

curaga:
It's a serious bug, but it's local. Someone needs to be able to run a program on your computer. As such, there probably won't be a mid-release kernel update for 13.x.

TC is typically not used for multi-user restricted systems, where this would be a larger concern.

alphons:
I anyone is interested,

I have made a CorePure64-13.0.iso having kernel 5.15.27 and same modules as the (official) latest TinyCore release.

Build from scratch, sources from kernel.org

The DirtyPipe is fixed on this one.

Filesize: 20MB

gadget42:
https://arstechnica.com/information-technology/2022/03/researcher-uses-dirty-pipe-exploit-to-fully-root-a-pixel-6-pro-and-samsung-s22/

sharing is caring

Navigation

[0] Message Index

[#] Next page