oss-sec mailing list archives
Re: Status of two Linux kernel issues w/o CVE assignments
From: Eugene Teo <eteo () redhat com>
Date: Sun, 25 Dec 2011 05:53:26 +0800
2: /proc/$PID/{sched,schedstat} information leak Vasiliy Kulikov of OpenWall posted a demo exploit. http://openwall.com/lists/oss-security/2011/11/05/3 AFAICS no CVE ID was assigned to this?I believe we are not assigning CVE's for these types of proc related issues, some discussion was had: https://lkml.org/lkml/2011/2/7/368 http://www.google.com/custom?domains=lkml.org&q=%2Fproc%2F+leaks but I'm not sure what the outcome is. CC'ing Eugene Teo.
IIRC, it's an issue but there's no resolution as existing code may break.
There are also,
/proc/{interrupts, stat}
https://lkml.org/lkml/2011/11/7/340
/dev/pts/, /dev/tty*
https://lkml.org/lkml/2011/11/7/355
I have not checked the status of these issues. Vasiliy, kindly shed some
light.
Happy holidays.
Eugene
Current thread:
- Status of two Linux kernel issues w/o CVE assignments Moritz Muehlenhoff (Dec 22)
- Re: Status of two Linux kernel issues w/o CVE assignments Kurt Seifried (Dec 23)
- Re: Status of two Linux kernel issues w/o CVE assignments Michael Gilbert (Dec 23)
- Re: Status of two Linux kernel issues w/o CVE assignments Solar Designer (Dec 23)
- Re: Status of two Linux kernel issues w/o CVE assignments Eugene Teo (Dec 24)
- Re: Status of two Linux kernel issues w/o CVE assignments Vasiliy Kulikov (Dec 27)
- Re: Status of two Linux kernel issues w/o CVE assignments Kurt Seifried (Dec 27)
- Re: Status of two Linux kernel issues w/o CVE assignments Kurt Seifried (Dec 27)
- Re: Status of two Linux kernel issues w/o CVE assignments Eugene Teo (Dec 24)
- Re: Status of two Linux kernel issues w/o CVE assignments Kurt Seifried (Dec 23)