[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] Linux kernel: multiple vulnerabilities in the USB subsystem x2
From: Greg KH <greg () kroah ! com>
Date: 2019-08-23 13:25:26
Message-ID: 20190823132526.GA28250 () kroah ! com
[Download RAW message or body]
On Thu, Aug 22, 2019 at 09:13:11PM -0400, Perry E. Metzger wrote:
> Given this, I think fixing bugs that might lead to privilege
> escalation, even if they require physical connection of USB devices,
> does indeed seem reasonable.
No one has said anything about not fixing these bugs. The Linux USB
developers have been spending a lot of time in the past weeks doing just
that, so please do not think that is an issue here.
Now the "mount a purposfully corrupted filesystem image" issues, that's
another story :) CERT has a long-running thread with a number of kernel
developers about issues they have found in that area over the past
years, which has not lead to many fixes for various reasons :(
thanks,
greg k-h
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic