Re: [kernel-hardening] 2015 kernel CVEs

From: One Thousand Gnomes
Date: Wed Jan 20 2016 - 16:27:08 EST

Next message: Michal Hocko: "Re: mm, vmstat: kernel BUG at mm/vmstat.c:1408!"
Previous message: Brijesh Singh: "Re: [PATCH v2] ata: add AMD Seattle platform driver"
In reply to: Jann Horn: "Re: [kernel-hardening] 2015 kernel CVEs"
Next in thread: Kees Cook: "Re: [kernel-hardening] 2015 kernel CVEs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> I know of at least two projects that enter user namespaces without the
> necessary care, one of them is LXC.
>
>
> > There is room for improvement in this area but I don't see how this
> > qualifies as a CVE.
>
> I think I agree with that.

If there are projects that screw it up then there should be a CVE - it
just needs someone to update the CVE to indicate where the actual flaw is.

Alan

Next message: Michal Hocko: "Re: mm, vmstat: kernel BUG at mm/vmstat.c:1408!"
Previous message: Brijesh Singh: "Re: [PATCH v2] ata: add AMD Seattle platform driver"
In reply to: Jann Horn: "Re: [kernel-hardening] 2015 kernel CVEs"
Next in thread: Kees Cook: "Re: [kernel-hardening] 2015 kernel CVEs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]