oss-sec mailing list archives

Re: CVE-2014-4699: Linux ptrace bug

From: Solar Designer <solar () openwall com>
Date: Sat, 5 Jul 2014 22:51:59 +0400

On Sat, Jul 05, 2014 at 08:41:20PM +0200, Yves-Alexis Perez wrote:

On sam., 2014-07-05 at 22:25 +0400, Solar Designer wrote:

So far, we're aware that the problem is definitely triggerable on recent
kernels (at least mainline and recent Ubuntu) running on Intel CPUs
(including in guest kernels in some VMs that run on Intel CPU hosts).


For what it's worth, we managed to reproduce the crash on Debian 3.14.9-1
kernel (from sid), but not on the stable 3.2.57-3+deb7u2 (there's a
double faute but no panic), on Intel CPUs.


Maybe it's just me, but I find the above ambiguous.

What exactly do you mean by "crash" and "panic" above?  How do you know
it's a double fault?  What appears in dmesg on the first system, and
what on the second system?  What's the value of the kernel.panic_on_oops
sysctl, and is it the same on both systems?

Thanks,

Alexander

Current thread:

CVE-2014-4699: Linux ptrace bug Andy Lutomirski (Jul 04)
- Re: CVE-2014-4699: Linux ptrace bug Solar Designer (Jul 04)
- Re: CVE-2014-4699: Linux ptrace bug Solar Designer (Jul 05)
  - Re: CVE-2014-4699: Linux ptrace bug Yves-Alexis Perez (Jul 05)
    - Re: CVE-2014-4699: Linux ptrace bug Solar Designer (Jul 05)
    - Re: CVE-2014-4699: Linux ptrace bug Yves-Alexis Perez (Jul 05)
    - Re: CVE-2014-4699: Linux ptrace bug Solar Designer (Jul 05)
    - Re: CVE-2014-4699: Linux ptrace bug Yves-Alexis Perez (Jul 05)
    - Re: CVE-2014-4699: Linux ptrace bug Solar Designer (Jul 05)
  - Re: CVE-2014-4699: Linux ptrace bug Solar Designer (Jul 05)
    - Re: CVE-2014-4699: Linux ptrace bug Andy Lutomirski (Jul 08)
    - Re: CVE-2014-4699: Linux ptrace bug Solar Designer (Jul 08)
  - Re: CVE-2014-4699: Linux ptrace bug Yves-Alexis Perez (Jul 05)
    - Re: CVE-2014-4699: Linux ptrace bug Marc Deslauriers (Jul 05)
    - Re: CVE-2014-4699: Linux ptrace bug John Johansen (Jul 06)

(Thread continues...)