Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 16 Feb 2011 16:38:20 +0800
From: Eugene Teo <eugene@...hat.com>
To: oss-security@...ts.openwall.com
CC: "Steven M. Christey" <coley@...us.mitre.org>
Subject: CVE request - kernel: s390 task_show_regs infoleak

"task_show_regs used to be a debugging aid in the early bringup days of 
Linux on s390. /proc/<pid>/status is a world readable file, it is not a 
good idea to show the registers of a process. The only correct fix is to 
remove task_show_regs."

http://git.kernel.org/linus/261cd298a8c363d7985e3482946edb4bfedacf98
https://bugzilla.redhat.com/677850

This does all the way back to 2.4.x.

Thanks, Eugene

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.