oss-sec mailing list archives
Re: [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename()
From: Vladis Dronov <vdronov () redhat com>
Date: Mon, 7 Aug 2017 09:55:36 -0400 (EDT)
Hello, Brad, Indeed, the wording "in the wild" is probably incorrect. The mentioned exploit was developed by the flaw researchers and we are not aware of it being available to or used by anyone else. We are sorry for this misinformation. As for the timeline as we understand it, we were notified about the flaw, we've discovered the flaw being actually already fixed in the upstream, we've notified linux-distros@ and in a week we've made this public announce. Best regards, Vladis Dronov | Red Hat, Inc. | Product Security Engineer
Current thread:
- [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() Vladis Dronov (Aug 03)
- Re: [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() John Haxby (Aug 03)
- Re: [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() Vladis Dronov (Aug 07)
- Re: [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() Brad Spengler (Aug 05)
- Re: [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() Vladis Dronov (Aug 07)
- Re: [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() Solar Designer (Aug 10)
- Re: [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() Vladis Dronov (Aug 07)
- Re: [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() Vladis Dronov (Aug 07)
- Re: [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() John Haxby (Aug 03)