| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <201306191720.47185.arnd@arndb.de> Date: Wed, 19 Jun 2013 17:20:46 +0200 From: Arnd Bergmann <arnd@...db.de> To: James Bottomley <James.Bottomley@...senpartnership.com> Cc: Marek Szyprowski <m.szyprowski@...sung.com>, Bjorn Helgaas <bhelgaas@...gle.com>, Michal Simek <michal.simek@...inx.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Michal Simek <monstr@...str.eu>, "Linux-Arch" <linux-arch@...r.kernel.org> Subject: Re: [PATCH] dma-mapping: Add BUG_ON for uninitialized dma_ops On Friday 14 June 2013, James Bottomley wrote: > This is the MMAP_PAGE_ZERO exploit. The original exploit relied on a > leaky personality capability clearing mask and was fixed in 2.6.31 by > > commit f9fabcb58a6d26d6efde842d1703ac7cfa9427b6 > Author: Julien Tinnes <jt@....org> > Date: Fri Jun 26 20:27:40 2009 +0200 > > personality: fix PER_CLEAR_ON_SETID > > So it's not really relevant to 3.x kernels, is it? Probably not. There is always a risk that something like this can turn into an exploit, but it needs a combination with a couple of other bugs. Arnd -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists