Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-Id: <20160126070048.A1A8F36E002@smtpvbsrv1.mitre.org>
Date: Tue, 26 Jan 2016 02:00:48 -0500 (EST)
From: cve-assign@...re.org
To: luto@...nel.org
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE Request: x86 Linux TLB flush bug

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

>> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71b3c126e61177eb693423f2e18a1914205b165e

> The upshot is that, in principle, when Linux invalidates a paging
> structure that is not in use locally, it could, in principle, race
> against another CPU that is switching to a process that uses the
> paging structure in question.

Use CVE-2016-2069.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWpxegAAoJEL54rhJi8gl5ytsP/j4gQyyXkeuWkAMZXoa4wRP3
OteVx9I9kzg/ZKifHDome0jnEbEViBKAAyTTN5a+59ul0TwCvMUyoxyUQOn23i3G
poWglkXd3z2OpODIwykJ1iTf01Jtq1yTEqzdFvyhygNLi8wOSBUOyrgnMafMG7Dm
GWklTpur/i83dSP4fIPNOkqZR/5F5J/pqyDCVooIekgjNHRVKpPRBBtOiHh1bujs
h7pH7i6m/AwgEfPS6rWCLmPmOcJILdgSPPhV6gvfucw+1KBsXF0B0jwMTuz8pfMf
xldKD7ghfjamR2oRZyvxw5jM1cGN7CZeiKPAC8Dlc4Q2krxr/6izp1GCop5Adhyt
TcfyPRbg9U/ugVmmbUVG/ewWtXIr3euIgzuG2UcIufCmCbtb9GsAjCmkT5wPUypS
E9Oz3tKthyxhdIjEMyjXS2R+3TQpxmFS+f7dQW+FoJzTPQa3HtwB5DeLVQ4n/tDE
tqqUsC+QT50oJUQg3oGpzN0LIhpuIFakNwar4k5V04Yze8Hxzw1boRPe0weMPMLv
3LK3zqjEoXSh25fa7UljmCv1oQ+F//A680I/nmZqBflCFZu1tlatUWbzeE7BqRLi
3u9qAh0a3N7ONwanXFeAL9iOcpT7ZUAQ03psF/VHn6my/4RFZvKQDCDeDCkFZEbm
NW6NJVpsBgkt7fHjmiPd
=Toxm
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.