Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  NEWS  community  lists  Wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [month] [year] [list] 
Date: Mon, 17 Aug 2009 17:05:40 +0100 (BST)
From: Mark J Cox <mjc@...hat.com>
To: oss-security@...ts.openwall.com
Subject: SELinux and mmap_min_addr behaviour (CVE-2009-2695)

FYI given upstream discussions we gave CVE-2009-2695 to 'a system with 
SELinux enabled with the default targeted policy is more permissive for 
unconfined domains, allowing local users to map low memory areas even if 
mmap_min_addr protection is enabled.  This could allow the exploitation of 
NULL pointer dereference flaws'. See also http://kbase.redhat.com/faq/docs/DOC-18042

Mark

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux