oss-sec mailing list archives
CVE Request: Linux kernel crypto api unprivileged arbitrary module load
From: Marc Deslauriers <marc.deslauriers () canonical com>
Date: Fri, 23 Jan 2015 13:16:19 -0500
Hello, The Crypto API in the Linux kernel before 3.19 allowed unprivileged users to load arbitrary kernel modules. Info: https://lkml.org/lkml/2013/3/4/70 https://plus.google.com/+MathiasKrause/posts/PqFCo4bfrWu Fixed by: https://git.kernel.org/linus/5d26a105b5a7 https://git.kernel.org/linus/4943ba16bbc2 https://git.kernel.org/linus/3e14dcf7cb80 Could a CVE please be assigned to this issue? Thanks, Marc. -- Marc Deslauriers Ubuntu Security Engineer | http://www.ubuntu.com/ Canonical Ltd. | http://www.canonical.com/
Current thread:
- CVE Request: Linux kernel crypto api unprivileged arbitrary module load Marc Deslauriers (Jan 23)
- Re: CVE Request: Linux kernel crypto api unprivileged arbitrary module load cve-assign (Jan 24)
- Re: Re: CVE Request: Linux kernel crypto api unprivileged arbitrary module load Mathias Krause (Jan 24)
- Re: CVE Request: Linux kernel crypto api unprivileged arbitrary module load cve-assign (Jan 24)
- Re: Re: CVE Request: Linux kernel crypto api unprivileged arbitrary module load Mathias Krause (Jan 24)
- Re: CVE Request: Linux kernel crypto api unprivileged arbitrary module load cve-assign (Jan 24)