oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Problems in automatic crash analysis frameworks

From: Tavis Ormandy <taviso () google com>
Date: Fri, 17 Apr 2015 14:50:32 -0700
On Fri, Apr 17, 2015 at 1:54 PM, Grandma Eubanks <tborland1 () gmail com>
wrote:

Just to enter into the fray, I reported a simple dmesg_restrict bypass and
found a lot of these recent more recent 'information' disclosures a while
ago with minimal changes:

https://bugzilla.redhat.com/show_bug.cgi?id=1128400



Ugh, definitely needs to be fixed.

I've been waiting for some commits before I look any further, as I don't
know if each issue is going to be addressed individually or if some
rearchitecturing will resolve everything.

Tavis.
Previous By Date Next
Previous By Thread Next

Current thread: