oss-sec: Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling

oss-sec mailing list archives

Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling

From: Eugene Teo <eugene () redhat com>
Date: Fri, 20 Jan 2012 22:52:11 +0800

On 01/19/2012 12:05 PM, Eugene Teo wrote:

On 01/19/2012 04:43 AM, Kees Cook wrote:

What's the problem with the old logic in the mem handling? (Why does this
need a CVE?)


This is a possible local privilege escalation issue on a system with
ASLR disabled, combined with other exploitation techniques.


Detailed information can be found here,
https://access.redhat.com/kb/docs/DOC-69129

Thanks, Eugene

By Date By Thread

Current thread:

CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling Eugene Teo (Jan 18)
- Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling Kurt Seifried (Jan 18)
  - Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling Eugene Teo (Jan 18)
- Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling Kees Cook (Jan 18)
  - Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling Eugene Teo (Jan 19)
    - Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling Eugene Teo (Jan 20)
    - Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling Eugene Teo (Jan 24)
- Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling Solar Designer (Jan 22)
  - Message not available
    - Message not available
    - Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling Jason A. Donenfeld (Jan 22)
  - Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling Solar Designer (Jan 22)
  - Re: CVE request: kernel: proc: clean up and fix /proc/<pid>/mem handling Eugene Teo (Jan 23)

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]