[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] Linux kernel < 4.8 local generic ASLR - another CVE-ID
From: Solar Designer <solar () openwall ! com>
Date: 2019-05-22 19:41:21
Message-ID: 20190522194121.GA29301 () openwall ! com
[Download RAW message or body]
On Thu, Apr 18, 2019 at 09:40:54AM -0400, Vladis Dronov wrote:
> Just in another case - this flaw in a.out binaries has got the CVE-2019-11191:
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11191
Dongguangdong of Huawei PSIRT discovered and reported to linux-distros
on May 6 that this additionally affects flat binaries, binfmt_flat.c.
Since we're now past linux-distros' 14 days max embargo period and since
Dongguangdong failed to bring this in here on time, I felt I had to take
over and post the above now.
Personally, I find this a very minor detail, but I like (linux-)distros
policy to be adhered to without exceptions.
Alexander
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic