oss-sec mailing list archives
Re: [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename()
From: Vladis Dronov <vdronov () redhat com>
Date: Mon, 7 Aug 2017 09:51:30 -0400 (EDT)
Hello, 1) We would like to make an additional announcement that an important part of this flaw research was conducted by Leilei Lin <leilei.lin () alibaba-inc com> of Alibaba Group, who developed the initial patches: https://patchwork.kernel.org/patch/9755753/ https://patchwork.kernel.org/patch/9755757/ 2) Unfortunately, the wording "in the wild" in this announcement is probably incorrect. The mentioned exploit was developed by the flaw researchers and we are not aware of it being available publicly or used by a wider audience. We are sorry for this misinformation. Best regards, Vladis Dronov | Red Hat, Inc. | Product Security Engineer
Current thread:
- [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() Vladis Dronov (Aug 03)
- Re: [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() John Haxby (Aug 03)
- Re: [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() Vladis Dronov (Aug 07)
- Re: [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() Brad Spengler (Aug 05)
- Re: [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() Vladis Dronov (Aug 07)
- Re: [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() Solar Designer (Aug 10)
- Re: [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() Vladis Dronov (Aug 07)
- Re: [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() Vladis Dronov (Aug 07)
- Re: [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() John Haxby (Aug 03)