[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] Linux kernel CVE fixes
From: Marcus Meissner <meissner () suse ! de>
Date: 2013-11-27 8:41:32
Message-ID: 20131127084132.GE14463 () suse ! de
[Download RAW message or body]
On Fri, Nov 22, 2013 at 01:16:45PM -0800, Kees Cook wrote:
> Hi,
>
> Here are some further issues found by Nico Golde and Fabian Yamaguchi:
>
> http://git.kernel.org/linus/b4789b8e6be3151a955ade74872822f30e8cd914
> CVE-2013-6380
I got the question why this warrants a CVE as it is protected by CAP_SYS_ADMIN.
Only reason I would see is a "root user" -> "kernel code execution" path
which might otherwise be blocked by secure boot or other protection mechanisms?
Ciao, Marcus
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic