Ref: http://seclists.org/oss-sec/2017/q2/259 ============================================ When a power failure (or hardware reset) occurs, applications writing to an ext4 filesystem system may create a situation in which writes to one file may appear in another file (ergo information leak). This may be at least data corruption, a controlled attacker may be able to leverage this to steal data from writes to the same ext4 subsystem. Reference: Red Hat Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1450261 Upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=06bd3c36a733ac27962fea7d6f47168841376824 ============================================ Честно говоря, не очень понятно, в какой раздел писать security-reports, ибо отдельного раздела багзиллы security я не нашёл. :( Просьба, если нужно, перетащить репорт в правильный раздел.
Согласно https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7495 проблема в ядрах < 4.6.2. В alt-workstation-8.2_beta2 kernel-image-std-def-4.9.59-alt0.M80P.1.