Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 11 Jun 2010 07:33:48 +0800
From: Eugene Teo <eugeneteo@...nel.sg>
To: oss-security@...ts.openwall.com
CC: "Steven M. Christey" <coley@...us.mitre.org>
Subject: CVE-2010-2070 kernel-xen: ia64-xen: unset be from the task psr

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2070
http://xenbits.xensource.com/xen-4.0-testing.hg?rev/42caadb14edb

An unprivileged user can turn on BE by modifying the user mask of the 
PSR, resulting in at least a local denial of service. This issue can be 
triggered the same way CVE-2006-0742 was triggered, but both are not 
related (not a regression).

Thanks, Eugene
-- 
main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ