Date: Tue, 30 May 2017 14:52:58 +0200
From: Florian Weimer <fweimer@...hat.com>
To: oss-security@...ts.openwall.com, Daniel Micay <danielmicay@...il.com>
Cc: Roee Hay <roeehay@...il.com>
Subject: Re: Linux kernel: stack buffer overflow with
 controlled payload in get_options() function

On 05/30/2017 01:51 PM, Daniel Micay wrote:
> It's unreasonable to consider the kernel line untrusted. A CVE being
> issued for one of these issues didn't make sense.

It's a potential Secure Boot bypass, so it matters in some theoretical
sense to some downstreams which carry those Secure Boot patches.

(Although I have yet to see anyone revoke a signature on a kernel
with known root-to-ring-0 escalations, so the practical impact isn't
large because an attack could still downgrade to a kernel with an
exploitable vulnerability.)

Florian
