Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 23 Jul 2015 04:13:28 +0200
From: Solar Designer <solar@...nwall.com>
To: oss-security@...ts.openwall.com
Subject: Re: Security issues in LXC (CVE-2015-1331 and CVE-2015-1334)

On Wed, Jul 22, 2015 at 04:16:57PM +0000, Fiedler Roman wrote:
> To help others discover similar issues, not only in container virtualization
> e.g. LXC, Docker, Vserver,  OpenVZ, but also other programs, I've written up
> the basic analysis methods used during testing in [1]. Detection examples
> for the not yet disclosed vulnerabilities are omitted and will be included
> in future release.
> 
> Roman
> 
> [1] https://service.ait.ac.at/security/2015/LxcSecurityAnalysis.txt (.html)

Good stuff!  To have it archived along with oss-security postings, I've
attached a copy of your LxcSecurityAnalysis.txt to this message.

Alexander

View attachment "LxcSecurityAnalysis.txt" of type "text/plain" (15877 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ