Date: Wed, 29 Mar 2017 16:57:49 -0500 From: Tyler Hicks <tyhicks@...onical.com> To: oss-security@...ts.openwall.com Cc: "security@...ntu.com" <security@...ntu.com> Subject: Re: information about pwn2own Kernel problem This issue is no longer embargoed and I've just sent some details to this list: http://openwall.com/lists/oss-security/2017/03/29/2 The upstream kernel was affected and fixes have been committed. Tyler On 03/22/2017 05:19 PM, Dave Null wrote: > I was wondering this myself. I'm not sure if ZDI does any variant > investigation when they pick up a bug. Really hoping this doesn't jump from > a distro related problem to a Linux problem. > > -noid > > Crypto: https://keybase.io/noid > None are more hopelessly enslaved than those who falsely believe they are > free - Goethe > -- > > On Wed, Mar 22, 2017 at 1:54 PM, Luedtke, Nicholas (HPE Linux Security) < > nicholas.luedtke@....com> wrote: > >> >> On 3/22/2017 2:21 PM, Tyler Hicks wrote: >>> ZDI disclosed the information to the Ubuntu Security team a little less >>> than 48 hours ago. >>> >>> The Ubuntu Kernel team has triaged the issue and came up with a >>> potential fix. That fix is undergoing internal review and I'll be >>> disseminating it via the usual channels once that is complete. >>> >>> Tyler >> Is this an Ubuntu specific issue? Or does it affect the upstream kernels >> as well? >> >> >> -- >> Nicholas Luedtke >> HPE Linux Security, Hewlett-Packard Enterprise >> >> >> >> > [ CONTENT OF TYPE application/pgp-signature SKIPPED ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ