Date: Fri, 23 Jan 2015 13:16:19 -0500 From: Marc Deslauriers <marc.deslauriers@...onical.com> To: oss-security@...ts.openwall.com Subject: CVE Request: Linux kernel crypto api unprivileged arbitrary module load Hello, The Crypto API in the Linux kernel before 3.19 allowed unprivileged users to load arbitrary kernel modules. Info: https://lkml.org/lkml/2013/3/4/70 https://plus.google.com/+MathiasKrause/posts/PqFCo4bfrWu Fixed by: https://git.kernel.org/linus/5d26a105b5a7 https://git.kernel.org/linus/4943ba16bbc2 https://git.kernel.org/linus/3e14dcf7cb80 Could a CVE please be assigned to this issue? Thanks, Marc. -- Marc Deslauriers Ubuntu Security Engineer | http://www.ubuntu.com/ Canonical Ltd. | http://www.canonical.com/
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ