Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sat, 8 Mar 2014 22:17:49 -0500 (EST)
From: cve-assign@...re.org
To: seth.arnold@...onical.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com, security@...ntu.com
Subject: Re: CVE Request: thermald

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> I discovered that the thermald temperature management daemon opens a file
> with predictable filename in /tmp unsafely. Please assign a CVE number for
> this issue:
> 
> https://github.com/01org/thermal_daemon/blob/master/src/android_main.cpp#L117

> can be used to write the process's pid to a file of the attacker's
> choosing.

Use CVE-2014-2312.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTG9rOAAoJEKllVAevmvmspGEIAI+W32s9bbR1inTAjNLYepza
+1Kv1d1ZslV2Xlu0uFTF9dXCLJyRG9l8NPNmen1eLrMQfVROfn3mtPFotpXWFxnR
0kAwNnxd33x1UVOjb9qFkn6aYHn6eE4gWCQw3MAcfJCyEtRFkFHEqeze7uCmeVml
QIBfESKvigTTvZ/IcZIYuNIB3t0Vs1FNN8FdvOwPChTMJEg8jBrAoorFuznZWyLh
rZPrAeEqe0h8db0do66+shTXEvWIA6UgRM/ehbC2HWUVs9pWKmXIdtmcVn940gbg
FFT3zsFsWCoxJGhNkDjJyj3uobHnG3AaQ1+d9suWbwb6Pb6Y9MjkWTSKQaMyxXg=
=f1jy
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ