Date: Thu, 13 Oct 2016 03:01:25 -0400 (EDT)
From: cve-assign@...re.org
To: krahmer@...e.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: bubblewrap LPE

> Once the dumpable flag is set, there is a chance we could attach to the process,
> once the remaining caps are dropped and the whole process runs as user.
> 
> Luckily, that happens at line 1707, right after a PrivSep socket has been opened!

Use CVE-2016-8659 for this issue in which there is unintended
functionality of attaching to the process because of the details
of the code near 1707.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
