oss-sec mailing list archives
Re: CVE-2022-1786: Linux Kernel invalid-free in io_uring
From: Kyle Zeng <zengyhkyle () gmail com>
Date: Tue, 24 May 2022 09:28:29 -0700
A small correction, I shared a minimal crashing PoC to linux-distros but not the LPE exploit. I do not plan to share the LPE exploit because of ethical issues. To answer your question: I intend to post the crashing PoC on May 27th. Thanks for reminding me. Kyle On Tue, May 24, 2022 at 9:22 AM Solar Designer <solar () openwall com> wrote:
On Tue, May 24, 2022 at 09:10:37AM -0700, Kyle Zeng wrote:# Impact I wrote a proof-of-concept exploit and demonstrated that it can be used to achieve local privilege escalation.Since you shared the PoC exploit with linux-distros, you're supposed to also post that to oss-security within 7 days of your first posting above, so by or on May 31. Do you intend to, and when exactly? Alexander
Current thread:
- CVE-2022-1786: Linux Kernel invalid-free in io_uring Kyle Zeng (May 24)
- Re: CVE-2022-1786: Linux Kernel invalid-free in io_uring Solar Designer (May 24)
- Re: CVE-2022-1786: Linux Kernel invalid-free in io_uring Kyle Zeng (May 24)
- Re: CVE-2022-1786: Linux Kernel invalid-free in io_uring Kyle Zeng (May 28)
- Re: CVE-2022-1786: Linux Kernel invalid-free in io_uring Kyle Zeng (May 24)
- Re: CVE-2022-1786: Linux Kernel invalid-free in io_uring Solar Designer (May 24)