Date: Tue, 17 Jan 2012 12:55:07 -0500 From: Marc Deslauriers <marc.deslauriers@...onical.com> To: coley@...us.mitre.org Cc: oss-security@...ts.openwall.com, security@...ntu.com Subject: CVE Request: overlayfs Could we please get a CVE assigned to the following issue: overlayfs, as used in the Ubuntu kernel, doesn't perform required inode security checks, bypassing intended security restrictions. Bug: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/915941 Upstream source: git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs.git Thanks, Marc. -- Marc Deslauriers Ubuntu Security Engineer | http://www.ubuntu.com/ Canonical Ltd. | http://www.canonical.com/
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ