Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 22 Jul 2015 16:16:57 +0000
From: Fiedler Roman <Roman.Fiedler@....ac.at>
To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com>
CC: Serge Hallyn <serge.hallyn@...ntu.com>,
        St├ęphane Graber
	<stgraber@...ntu.com>,
        "security@...ntu.com" <security@...ntu.com>,
        "Tyler
 Hicks" <tyhicks@...onical.com>
Subject: Re: Security issues in LXC (CVE-2015-1331 and CVE-2015-1334)

> Von: Tyler Hicks [mailto:tyhicks@...onical.com]
> 
> Two security issues were found in LXC:
> 
> [snip]

To help others discover similar issues, not only in container virtualization
e.g. LXC, Docker, Vserver,  OpenVZ, but also other programs, I've written up
the basic analysis methods used during testing in [1]. Detection examples
for the not yet disclosed vulnerabilities are omitted and will be included
in future release.

Roman

[1] https://service.ait.ac.at/security/2015/LxcSecurityAnalysis.txt (.html)

[ CONTENT OF TYPE application/pkcs7-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ