[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] SELinux and mmap_min_addr behaviour (CVE-2009-2695)
From: Mark J Cox <mjc () redhat ! com>
Date: 2009-08-17 16:05:40
Message-ID: 0908171653340.25831 () mjc ! redhat ! com
[Download RAW message or body]
FYI given upstream discussions we gave CVE-2009-2695 to 'a system with
SELinux enabled with the default targeted policy is more permissive for
unconfined domains, allowing local users to map low memory areas even if
mmap_min_addr protection is enabled. This could allow the exploitation of
NULL pointer dereference flaws'. See also http://kbase.redhat.com/faq/docs/DOC-18042
Mark
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic