oss-security - Re: CVE-2021-22543

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [day] [month] [year] [list]

Message-ID: <CAFswPa8TSUk2UUuLXbzBPx2R8zqiR6de9Co_TBWUOYeEJvu-VA@mail.gmail.com>
Date: Sat, 26 Jun 2021 09:27:40 +0200
From: "Eduardo' Vela\" <Nava>" <evn@...gle.com>
To: Paolo Bonzini <pbonzini@...hat.com>
Cc: oss-security@...ts.openwall.com
Subject: Re: CVE-2021-22543 - /dev/kvm LPE

https://github.com/torvalds/linux/commit/f8be156be163a052a067306417cd0ff679068c97
fixed
this issue.

On Wed, 26 May 2021, 18:26 Paolo Bonzini, <pbonzini@...hat.com> wrote:

> On 26/05/21 15:48, Eduardo' Vela" <Nava> wrote:
> > Hi
> >
> > I believe this still doesn't have a patch, but +Paolo Bonzini
> > <mailto:pbonzini@...hat.com> has been working on one for some time now.
> >
> > Please use CVE-2021-22543 to refer to this issue.
> >
> > Advisory:
> >
> https://github.com/google/security-research/security/advisories/GHSA-7wq5-phmq-m584
> > <
> https://github.com/google/security-research/security/advisories/GHSA-7wq5-phmq-m584
> >
>
> Indeed, I had to put that on hold :( but I'm aware of the issue and I'm
> working on it.
>
> Paolo
>
>

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.