Home page logo

oss-sec logo oss-sec mailing list archives

Re: Linux kernel CVE fixes
From: Marcus Meissner <meissner () suse de>
Date: Wed, 27 Nov 2013 09:41:32 +0100

On Fri, Nov 22, 2013 at 01:16:45PM -0800, Kees Cook wrote:

Here are some further issues found by Nico Golde and Fabian Yamaguchi:


I got the question why this warrants a CVE as it is protected by CAP_SYS_ADMIN.

Only reason I would see is a "root user" -> "kernel code execution" path
which might otherwise be blocked by secure boot or other protection mechanisms?

Ciao, Marcus

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]