oss-sec mailing list archives
CVE request: kernel: tty: release_one_tty() forgets to put pids
From: Eugene Teo <eugene () redhat com>
Date: Thu, 15 Apr 2010 08:37:41 +0800
On 04/15/2010 08:23 AM, Michael Gilbert wrote:
On Wed, 14 Apr 2010 11:20:00 +0800 Eugene Teo wrote:2) tty: release_one_tty() forgets to put pids https://bugzilla.redhat.com/show_bug.cgi?id=582076 http://git.kernel.org/linus/6da8d866d0d39e9509ff826660f6a86a6757c966 Not sure this issue can be triggered by a non-privileged user.this one should get a CVE id i think. looking at only two data points (2.6.26 and 2.6.32), i've found the vulnerable code present in both. if i'm not mistaken, redhat has had supported releases in that range.
Was discussing this with another colleague, that it seems possible to trigger this issue with a non-privileged user. And yes, I agree that this should have a CVE name assigned. Thanks.
Eugene
Current thread:
- Couple of kernel issues Eugene Teo (Apr 13)
- Re: Couple of kernel issues Michael Gilbert (Apr 14)
- CVE request: kernel: tty: release_one_tty() forgets to put pids Eugene Teo (Apr 14)
- Re: CVE request: kernel: tty: release_one_tty() forgets to put pids Eugene Teo (Apr 14)
- Re: CVE request: kernel: tty: release_one_tty() forgets to put pids Josh Bressers (Apr 15)
- Re: CVE request: kernel: tty: release_one_tty() forgets to put pids Eren Türkay (Apr 26)
- Re: CVE request: kernel: tty: release_one_tty() forgets to put pids Eugene Teo (Apr 27)
- CVE request: kernel: tty: release_one_tty() forgets to put pids Eugene Teo (Apr 14)
- Re: Couple of kernel issues Michael Gilbert (Apr 14)