Date: Sat, 5 Jul 2014 22:51:59 +0400 From: Solar Designer <solar@...nwall.com> To: oss-security@...ts.openwall.com Subject: Re: CVE-2014-4699: Linux ptrace bug On Sat, Jul 05, 2014 at 08:41:20PM +0200, Yves-Alexis Perez wrote: > On sam., 2014-07-05 at 22:25 +0400, Solar Designer wrote: > > So far, we're aware that the problem is definitely triggerable on recent > > kernels (at least mainline and recent Ubuntu) running on Intel CPUs > > (including in guest kernels in some VMs that run on Intel CPU hosts). > > For what it's worth, we managed to reproduce the crash on Debian 3.14.9-1 > kernel (from sid), but not on the stable 3.2.57-3+deb7u2 (there's a > double faute but no panic), on Intel CPUs. Maybe it's just me, but I find the above ambiguous. What exactly do you mean by "crash" and "panic" above? How do you know it's a double fault? What appears in dmesg on the first system, and what on the second system? What's the value of the kernel.panic_on_oops sysctl, and is it the same on both systems? Thanks, Alexander
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ