oss-sec mailing list archives
Re: CVE Request: Linux kernel execution in the early microcode loader.
From: Florian Weimer <fweimer () redhat com>
Date: Thu, 19 Mar 2015 12:38:23 +0100
On 03/18/2015 07:22 PM, Daniel Micay wrote:
Vanilla kernels don't have this separation even without vulnerabilities though, at without without using an LSM. Even with an LSM, I'm pretty sure there are ways around it unless you use seccomp too...
Sure, but some downstreams ship modified kernels would probably treat this as a vulnerability (lack of enforcement of security controls etc.). -- Florian Weimer / Red Hat Product Security
Current thread:
- CVE Request: Linux kernel execution in the early microcode loader. Quentin Casasnovas (Mar 18)
- Re: CVE Request: Linux kernel execution in the early microcode loader. Florian Weimer (Mar 18)
- Re: CVE Request: Linux kernel execution in the early microcode loader. Daniel Micay (Mar 18)
- Re: CVE Request: Linux kernel execution in the early microcode loader. Florian Weimer (Mar 19)
- Re: CVE Request: Linux kernel execution in the early microcode loader. Daniel Micay (Mar 18)
- Re: CVE Request: Linux kernel execution in the early microcode loader. cve-assign (Mar 20)
- Re: CVE Request: Linux kernel execution in the early microcode loader. Florian Weimer (Mar 18)