Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 29 Mar 2016 17:00:03 +0200
From: Salvatore Bonaccorso <>
Cc: CVE Assignments MITRE <>
Subject: Re: Partial SMAP bypass on 64-bit Linux kernels


On Fri, Feb 26, 2016 at 12:28:23PM -0800, Andy Lutomirski wrote:
> Hi all-
> Those of you using 64-bit Linux kernels on SMAP-capable systems (which
> are still very rare in the server space) with ia32 emulation enabled
> will want to backport:
> That patch fixes a bug that exposed a fairly large kernel code surface
> to a straightforward SMAP bypass.
> Credit to Brian Gerst who noticed the bug.
> This bug is present in all kernels from 3.10 on AFAICT.  Kernels
> before 3.10 don't support SMAP in the first place.  32-bit kernels are
> not affected (but why would you be running a 32-bit kernel on
> SMAP-capable hardware in the first place?).

@MITRE CVE assignment team: Would it make sense to have a CVE id
assigned for this issue for better trackability? If so can you assign


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ