|
Message-ID: <5783F915.1010104@canonical.com>
Date: Mon, 11 Jul 2016 14:52:53 -0500
From: Tyler Hicks <tyhicks@...onical.com>
To: oss-security@...ts.openwall.com
Cc: John Johansen <john.johansen@...onical.com>
Subject: Re: CVE request: apparmor: oops in
apparmor_setprocattr()
On 07/11/2016 10:08 AM, Ben Laurie wrote:
> On 9 July 2016 at 07:41, John Johansen <john.johansen@...onical.com> wrote:
>> There is a potential privilege escalation in apparmor's setprocattr() interface.
>>
>> https://lkml.org/lkml/2016/7/7/906
>>
>> introduced by: 30a46a4647fd1df9cf52e43bf467f0d9265096ca
>> fixed by: 30a46a4647fd1df9cf52e43bf467f0d9265096ca
>
> I assume its not actually introduced and fix by the same commit. :-)
The correct hashes are:
introduced by: bb646cdb12e75d82258c2f2e7746d5952d3e321a
fixed by: 30a46a4647fd1df9cf52e43bf467f0d9265096ca
Tyler
>
>>
>> Could you assign a CVE for this issue?
>>
>> thanks
>> John
>>
Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.