oss-sec mailing list archives

Re: Re: CVE Request - Linux kernel - securelevel/secureboot bypass.

From: Blibbet <blibbet () gmail com>
Date: Thu, 15 Oct 2015 12:39:44 -0700



On 10/15/2015 09:58 AM, cve-assign () mitre org wrote:

As far as we can tell, you are reporting an issue in functionality
that was developed for a Red Hat product. Because identical
functionality is not currently offered elsewhere, a CVE ID can be
assigned without considering the details of the securelevel behavior
that may later be implemented (or considered optimal) outside of Red
Hat.


I haven't seen Red Hat's new patch yet, but does this count? It sounds
like similar functionality, at least.
https://github.com/mjg59/linux/commit/4980702888a73e0fd4b48ef6f6683345011aa3a6

More URLs here:
http://firmwaresecurity.com/2015/10/06/matthew-garretts-new-linux-fork/
http://firmwaresecurity.com/2015/10/09/clarification-of-matthew-garretts-linux-fork/

Thanks,
Lee
RSS: http://firmwaresecurity.com/feed

Current thread:

CVE Request - Linux kernel - securelevel/secureboot bypass. Wade Mealing (Oct 14)
- Re: CVE Request - Linux kernel - securelevel/secureboot bypass. Wade Mealing (Oct 15)
- Re: CVE Request - Linux kernel - securelevel/secureboot bypass. cve-assign (Oct 15)
  - Re: Re: CVE Request - Linux kernel - securelevel/secureboot bypass. Blibbet (Oct 15)