Date: Fri, 6 Jun 2014 01:16:14 -0400 From: Rich Felker <dalias@...c.org> To: oss-security@...ts.openwall.com Cc: Thomas Gleixner <tglx@...utronix.de> Subject: Re: Linux kernel futex local privilege escalation (CVE-2014-3153) On Fri, Jun 06, 2014 at 07:51:17AM +0400, Solar Designer wrote: > I've added CC to Thomas. > > On Thu, Jun 05, 2014 at 11:38:27PM -0400, Rich Felker wrote: > > On Thu, Jun 05, 2014 at 06:45:45PM +0400, Solar Designer wrote: > > > I've attached patches by Thomas Gleixner (four e-mails, in mbox format), > > > as well as back-ports of those by John Johansen of Canonical, who wrote: > > > > Maybe I'm missing something, but I can't find any statement of what > > version these patches are intended to apply cleanly to. They don't > > apply to latest stable. > > Thomas - can you answer Rich's question? This is about patches you sent > on June 3 to linux-distros, which Kees then saved into an mbox file. It does apply cleanly against 3.15-rc8 (with a few offsets). After applying, the resulting futex.c differs from the current version in the mainline repo by a single-byte typo in a comment. Rich
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ