Date: Mon, 12 May 2014 15:32:28 +0400 From: Solar Designer <solar@...nwall.com> To: Savio Bot <54v330@...il.com> Cc: Matthew Daley <mattd@...fuzz.com>, fulldisclosure@...lists.org, oss-security@...ts.openwall.com Subject: Re: [FD] CVE-2014-0196: Linux kernel pty layer race condition memory corruption On Mon, May 12, 2014 at 04:03:10PM +0530, Savio Bot wrote: > So is this bug also present in 2.6? Yes, 2.6.31-rc3 and newer: http://www.openwall.com/lists/oss-security/2014/05/05/6 Luckily, apparently the bug was not backported to RHEL5: https://access.redhat.com/security/cve/CVE-2014-0196 "This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5. Future kernel updates for Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2 may address this issue." Alexander
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ