Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 6 Jun 2014 01:16:14 -0400
From: Rich Felker <dalias@...c.org>
To: oss-security@...ts.openwall.com
Cc: Thomas Gleixner <tglx@...utronix.de>
Subject: Re: Linux kernel futex local privilege escalation
 (CVE-2014-3153)

On Fri, Jun 06, 2014 at 07:51:17AM +0400, Solar Designer wrote:
> I've added CC to Thomas.
> 
> On Thu, Jun 05, 2014 at 11:38:27PM -0400, Rich Felker wrote:
> > On Thu, Jun 05, 2014 at 06:45:45PM +0400, Solar Designer wrote:
> > > I've attached patches by Thomas Gleixner (four e-mails, in mbox format),
> > > as well as back-ports of those by John Johansen of Canonical, who wrote:
> > 
> > Maybe I'm missing something, but I can't find any statement of what
> > version these patches are intended to apply cleanly to. They don't
> > apply to latest stable.
> 
> Thomas - can you answer Rich's question?  This is about patches you sent
> on June 3 to linux-distros, which Kees then saved into an mbox file.

It does apply cleanly against 3.15-rc8 (with a few offsets). After
applying, the resulting futex.c differs from the current version in
the mainline repo by a single-byte typo in a comment.

Rich

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ