Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 14 Aug 2009 13:38:36 +0200
From: Marcus Meissner <>
Subject: Re: CVE-2009-2692 kernel: uninit op in SOCKOPS_WRAP() leads to privesc

On Fri, Aug 14, 2009 at 09:12:52AM +0800, Eugene Teo wrote:
> Marcus Meissner wrote:
> > Apparently new root exploit from Brad, see his twitter:
> >
> > 
> > The video is a bit sick in my opinion.
> > 
> > Disclosed apparently next week.
> So, the cat is out of the bag. The exploit is available, but so is the
> patch.

Just for the record, the other members of the affected struct were audited for
NULL checks and found clean.

Ciao, Marcus

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ