Date: Sun, 6 Jul 2014 12:20:03 +0400 From: Solar Designer <solar@...nwall.com> To: oss-security@...ts.openwall.com Subject: Re: CVE-2014-4699: Linux ptrace bug On Sun, Jul 06, 2014 at 04:06:12AM -0400, John Johansen wrote: > On 07/05/2014 08:37 PM, Marc Deslauriers wrote: > > On 14-07-05 05:22 PM, Yves-Alexis Perez wrote: > >> On sam., 2014-07-05 at 22:25 +0400, Solar Designer wrote: > >>> "ptrace,x86: force IRET path after a ptrace_stop()" > >>> http://kernel.opensuse.org/cgit/kernel/commit/?h=openSUSE-13.1&id=d1f26676dad578a65c94782f0c2bd00b7aa68f1b > >>> > >>> "CVE-2014-4699 Kernel: x86_64,ptrace: Enforce RIP <= TASK_SIZE_MAX" > >>> https://bugzilla.redhat.com/show_bug.cgi?id=1115927 > >> > >> Hmhm, what are the reasons why the mainline (and opensuse) fix > >> (b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a) is to force using IRET > >> instead of SYSRET, while distros like Ubuntu and Redhat seem to ???only??? > >> make sure RIP is canonical? > > > > AFAIK, our plan is to switch to the upstream fix for the next kernel updates. > > yep, Ubuntu went with the original patch, as we where mostly through our process > when b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a hit. We decided to do a release with > the original patch so we could get something out this weekend, but will switch to > b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a asap Why don't you keep both patches? It sounds safer to me to use both. Alexander
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ