Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 23 Jan 2012 09:17:46 +0800
From: Eugene Teo <eugene@...hat.com>
To: oss-security@...ts.openwall.com
CC: Solar Designer <solar@...nwall.com>
Subject: Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem
 handling

On 01/23/2012 01:52 AM, Solar Designer wrote:
> On Wed, Jan 18, 2012 at 10:25:55AM +0800, Eugene Teo wrote:
>> "Jüri Aedla reported that the /proc/<pid>/mem handling really isn't very
>> robust, and it also doesn't match the permission checking of any of the
>> other related files.
> 
> Anyone got a pointer to Jüri's report?  I suppose it was somewhere on
> LKML, but I haven't found it yet.

It was reported privately. I will forward a copy to our private list
once I have his permission.

Eugene

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ