Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: Linux procfs infoleaks via self-read by a SUID/SGID program (was: CVE-2011-3637 Linux kernel: proc: fix Oops on invalid /proc/<pid>/maps access)
From: "Jason A. Donenfeld" <Jason () zx2c4 com>
Date: Thu, 9 Feb 2012 03:15:56 +0100

On Thu, Feb 9, 2012 at 00:03, Djalal Harouni <tixxdz () opendz org> wrote:

Hi Solar, Jason,

Nice one Jason, and I've also found this according to this tweet:
http://twitter.com/#!/tixxdz/status/165818331092365312


http://git.zx2c4.com/CVE-2012-0056/commit/?id=105eded1abc03c5610cf912d4939809b2f06627e

2012-01-25 (for the record)

probably this has been known by a lot of folks for a while though

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]