Date: Tue, 29 Mar 2016 17:00:03 +0200 From: Salvatore Bonaccorso <carnil@...ian.org> To: oss-security@...ts.openwall.com Cc: CVE Assignments MITRE <cve-assign@...re.org> Subject: Re: Partial SMAP bypass on 64-bit Linux kernels Hi, On Fri, Feb 26, 2016 at 12:28:23PM -0800, Andy Lutomirski wrote: > Hi all- > > Those of you using 64-bit Linux kernels on SMAP-capable systems (which > are still very rare in the server space) with ia32 emulation enabled > will want to backport: > > https://git.kernel.org/cgit/linux/kernel/git/tip/tip.git/commit/?h=x86/urgent&id=3d44d51bd339766f0178f0cf2e8d048b4a4872aa > > That patch fixes a bug that exposed a fairly large kernel code surface > to a straightforward SMAP bypass. > > Credit to Brian Gerst who noticed the bug. > > This bug is present in all kernels from 3.10 on AFAICT. Kernels > before 3.10 don't support SMAP in the first place. 32-bit kernels are > not affected (but why would you be running a 32-bit kernel on > SMAP-capable hardware in the first place?). @MITRE CVE assignment team: Would it make sense to have a CVE id assigned for this issue for better trackability? If so can you assign one? Regards, Salvatore
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.