Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 26 May 2022 17:04:32 +0000
From: Jeremy Stanley <>
Subject: Re: CVE-2022-1729: race condition in Linux perf
 subsystem leads to local privilege escalation

On 2022-05-26 18:44:38 +0200 (+0200), Norbert Slusarek wrote:
> Overall, as a researcher I would prefer having a way just to
> inform distros of a bug, *without* being subject to these
> requirements.

Problem is, at least some of the distribution representatives don't
want to be privy to indefinitely secret information like exploits,
as that's also a liability for them. They're willing to tolerate it
for a brief period, but don't wish to be responsible for keeping
your secret forever.
Jeremy Stanley

Download attachment "signature.asc" of type "application/pgp-signature" (964 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.