oss-sec mailing list archives

CVE request: kernel: arbitrary kernel read in xtensa

From: Dan Rosenberg <dan.j.rosenberg () gmail com>
Date: Wed, 20 Jul 2011 08:22:45 -0400

Not sure if any distributions support xtensa, but regardless:

Due to a failure to check user pointers passed to a ptrace_setxregs
request, it is possible for a local unprivileged user to read
arbitrary kernel memory [1].

-Dan

[1] http://marc.info/?l=linux-kernel&m=131008344912672&w=2

Current thread:

CVE request: kernel: arbitrary kernel read in xtensa Dan Rosenberg (Jul 20)
- Re: CVE request: kernel: arbitrary kernel read in xtensa Josh Bressers (Jul 20)