Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 5 Jul 2014 22:51:59 +0400
From: Solar Designer <solar@...nwall.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE-2014-4699: Linux ptrace bug

On Sat, Jul 05, 2014 at 08:41:20PM +0200, Yves-Alexis Perez wrote:
> On sam., 2014-07-05 at 22:25 +0400, Solar Designer wrote:
> > So far, we're aware that the problem is definitely triggerable on recent
> > kernels (at least mainline and recent Ubuntu) running on Intel CPUs
> > (including in guest kernels in some VMs that run on Intel CPU hosts).
> 
> For what it's worth, we managed to reproduce the crash on Debian 3.14.9-1
> kernel (from sid), but not on the stable 3.2.57-3+deb7u2 (there's a
> double faute but no panic), on Intel CPUs.

Maybe it's just me, but I find the above ambiguous.

What exactly do you mean by "crash" and "panic" above?  How do you know
it's a double fault?  What appears in dmesg on the first system, and
what on the second system?  What's the value of the kernel.panic_on_oops
sysctl, and is it the same on both systems?

Thanks,

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ