oss-sec mailing list archives
Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038)
From: rf () q-leap de
Date: Fri, 31 Jan 2014 17:34:05 +0100
"SD" == Solar Designer <solar () openwall com> writes:
SD> Hi, This issue was brought to linux-distros and security@k.o 2 SD> days ago via the message quoted below, and it was just made SD> public at 22:00 UTC today (two hours ago) via grsecurity and PaX SD> (who were the ones to find the issue). Normally, the person who SD> brought this to linux-distros would be the one responsible to SD> bring the issue to oss-security as soon as the issue is public, SD> but Kees does not appear to be around at the moment and the SD> issue is critical enough that I find it inappropriate to delay SD> this posting by a few hours more, hence I am doing Kees' job by SD> posting this in here. SD> This is CVE-2014-0038 (assigned shortly after Kees sent the SD> message below). I will also include PaX Team's revised patch SD> below. Are you sure this is the correct CVE? It was assigned already beginning of Dec. last year. Roland
Current thread:
- Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Solar Designer (Jan 30)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Kees Cook (Jan 30)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) rf (Jan 31)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Solar Designer (Jan 31)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) rf (Jan 31)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Solar Designer (Jan 31)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Solar Designer (Jan 31)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Kurt Seifried (Jan 31)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Solar Designer (Jan 31)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Solar Designer (Jan 31)