Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  news  community  lists  wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list] 
Date: Tue, 08 Jul 2008 18:13:04 +0800
From: Eugene Teo <eteo@...hat.com>
To: oss-security@...ts.openwall.com
CC: coley@...re.org
Subject: Re: 2.6.25.10 security fixes, please assign CVE id

Marcus Meissner wrote:
> http://lwn.net/Articles/288473/
> 
>> Stable kernel 2.6.25.10
>> Posted Jul 3, 2008 15:34 UTC (Thu) by PaXTeam (subscriber, #24616) [Link] 
[...]
>> 2.
>> http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=commitdiff;h=1e9a615bfce7996ea4d815d45d364b47ac6a74e8
>> is an even better one, it allows one to overflow the task struct refcount (a 32 bit atomic_t
>> on the affected amd64) and cause its subsequent freeing with dangling references to it all
>> over the place (including 'current' of the ptraced task itself). corresponding exploit avenues
>> abound.
> 
> I don't know if this one has a CVE yet.

I'm cc'ing Steve just to make sure that this gets a CVE id.

Thanks,
Eugene
-- 
Eugene Teo / Red Hat Security Response Team

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux