Date: Sat, 5 Jul 2014 22:51:59 +0400 From: Solar Designer <solar@...nwall.com> To: oss-security@...ts.openwall.com Subject: Re: CVE-2014-4699: Linux ptrace bug On Sat, Jul 05, 2014 at 08:41:20PM +0200, Yves-Alexis Perez wrote: > On sam., 2014-07-05 at 22:25 +0400, Solar Designer wrote: > > So far, we're aware that the problem is definitely triggerable on recent > > kernels (at least mainline and recent Ubuntu) running on Intel CPUs > > (including in guest kernels in some VMs that run on Intel CPU hosts). > > For what it's worth, we managed to reproduce the crash on Debian 3.14.9-1 > kernel (from sid), but not on the stable 3.2.57-3+deb7u2 (there's a > double faute but no panic), on Intel CPUs. Maybe it's just me, but I find the above ambiguous. What exactly do you mean by "crash" and "panic" above? How do you know it's a double fault? What appears in dmesg on the first system, and what on the second system? What's the value of the kernel.panic_on_oops sysctl, and is it the same on both systems? Thanks, Alexander
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.