Date: Mon, 19 Apr 2010 09:46:44 +0800 From: Eugene Teo <eugene@...hat.com> To: oss-security@...ts.openwall.com CC: Michael Gilbert <michael.s.gilbert@...il.com> Subject: Re: kernel: hvc_console: Fix race between hvc_close and hvc_remove Hi Michael, On 04/18/2010 06:15 AM, Michael Gilbert wrote: > On Thu, 04 Mar 2010 17:03:58 +0800 Eugene Teo wrote: > >> Heads-up. You might want to backport this if your kernel is affected. We >> are not requesting a CVE name for this as it does not affect any of our >> Red Hat supported kernels. > > are you sure about this? i see the vulnerable code upstream in both Thanks for making sure. > 2.6.26 and 2.6.32. does redhat not ship hvc in their kernels? i think > this should get a cve id because the more vanilla distros will have > shipped with this included. At least not for the officially supported kernels as shipped in Red Hat Enterprise Linux. I don't speak for other vendors, so if they need a CVE name, they should request for one. Thanks, Eugene -- Eugene Teo / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ