oss-sec mailing list archives
Re: Linux kernel: stack buffer overflow with controlled payload in get_options() function
From: Florian Weimer <fweimer () redhat com>
Date: Tue, 30 May 2017 14:52:58 +0200
On 05/30/2017 01:51 PM, Daniel Micay wrote:
It's unreasonable to consider the kernel line untrusted. A CVE being issued for one of these issues didn't make sense.
It's a potential Secure Boot bypass, so it matters in some theoretical sense to some downstreams which carry those Secure Boot patches. (Although I have yet to see anyone to revoke a signature on a kernel with known root-to-ring-0 escalations, so the practical impact isn't large because an attack could still downgrade to a kernel with an exploitable vulnerability.) Florian
Current thread:
- Linux kernel: stack buffer overflow with controlled payload in get_options() function Ilya Matveychikov (May 30)
- Re: Linux kernel: stack buffer overflow with controlled payload in get_options() function Simon McVittie (May 30)
- Re: Linux kernel: stack buffer overflow with controlled payload in get_options() function Daniel Micay (May 30)
- Re: Linux kernel: stack buffer overflow with controlled payload in get_options() function Florian Weimer (May 30)
- Re: Linux kernel: stack buffer overflow with controlled payload in get_options() function Daniel Micay (May 30)
- Re: Linux kernel: stack buffer overflow with controlled payload in get_options() function Florian Weimer (May 30)
- Re: Linux kernel: stack buffer overflow with controlled payload in get_options() function Daniel Micay (May 30)
- Re: Linux kernel: stack buffer overflow with controlled payload in get_options() function Florian Weimer (May 30)
- Re: Linux kernel: stack buffer overflow with controlled payload in get_options() function Daniel Micay (May 30)
- Re: Linux kernel: stack buffer overflow with controlled payload in get_options() function Daniel Micay (May 30)
- Re: Linux kernel: stack buffer overflow with controlled payload in get_options() function Daniel Micay (May 30)
- Re: Linux kernel: stack buffer overflow with controlled payload in get_options() function Simon McVittie (May 30)
- Re: Linux kernel: stack buffer overflow with controlled payload in get_options() function Daniel Micay (May 30)
- Re: Linux kernel: stack buffer overflow with controlled payload in get_options() function Daniel Micay (May 30)
- Re: Linux kernel: stack buffer overflow with controlled payload in get_options() function Kurt Seifried (May 30)