oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Linux procfs infoleaks via self-read by a SUID/SGID program (was: CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access)

From: "Jason A. Donenfeld" <Jason () zx2c4 com>
Date: Thu, 9 Feb 2012 03:15:56 +0100
On Thu, Feb 9, 2012 at 00:03, Djalal Harouni <tixxdz () opendz org> wrote:


Hi Solar, Jason,

Nice one Jason, and I've also found this according to this tweet:
http://twitter.com/#!/tixxdz/status/165818331092365312



http://git.zx2c4.com/CVE-2012-0056/commit/?id=105eded1abc03c5610cf912d4939809b2f06627e

2012-01-25 (for the record)

probably this has been known by a lot of folks for a while though
Previous By Date Next
Previous By Thread Next

Current thread: