Date: Mon, 23 Jan 2012 09:17:46 +0800 From: Eugene Teo <eugene@...hat.com> To: oss-security@...ts.openwall.com CC: Solar Designer <solar@...nwall.com> Subject: Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling On 01/23/2012 01:52 AM, Solar Designer wrote: > On Wed, Jan 18, 2012 at 10:25:55AM +0800, Eugene Teo wrote: >> "Jüri Aedla reported that the /proc/<pid>/mem handling really isn't very >> robust, and it also doesn't match the permission checking of any of the >> other related files. > > Anyone got a pointer to Jüri's report? I suppose it was somewhere on > LKML, but I haven't found it yet. It was reported privately. I will forward a copy to our private list once I have his permission. Eugene
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ