Date: Sat, 05 Jul 2014 20:37:42 -0400 From: Marc Deslauriers <marc.deslauriers@...onical.com> To: oss-security@...ts.openwall.com Subject: Re: CVE-2014-4699: Linux ptrace bug On 14-07-05 05:22 PM, Yves-Alexis Perez wrote: > On sam., 2014-07-05 at 22:25 +0400, Solar Designer wrote: >> Here are some distro vendor status pages on this bug: >> >> "x86_64,ptrace: Enforce RIP <= TASK_SIZE_MAX (CVE-2014-4699)" >> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1337339 >> >> Ubuntu has just sent out 7 update announcements (for different of >> their >> supported distros/kernels), USN-2266-1 through USN-2272-1. >> >> "ptrace,x86: force IRET path after a ptrace_stop()" >> http://kernel.opensuse.org/cgit/kernel/commit/?h=openSUSE-13.1&id=d1f26676dad578a65c94782f0c2bd00b7aa68f1b >> >> "CVE-2014-4699 Kernel: x86_64,ptrace: Enforce RIP <= TASK_SIZE_MAX" >> https://bugzilla.redhat.com/show_bug.cgi?id=1115927 > > Hmhm, what are the reasons why the mainline (and opensuse) fix > (b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a) is to force using IRET > instead of SYSRET, while distros like Ubuntu and Redhat seem to “only” > make sure RIP is canonical? > > Regards, > AFAIK, our plan is to switch to the upstream fix for the next kernel updates. Marc.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ