LWN.net

Speaking with code

Posted Jul 25, 2009 1:22 UTC (Sat) by spender (subscriber, #23067)
In reply to: Speaking with code by dlang
Parent article: Quotes of the week

The only thing that was fixed when the exploit was written was the tun.c bug, which was fixed with no mention of any security impact (understandable since I had opened up yet another bug class as being exploitable). Everything else was fixed either in response to obvious hints/statements in videos I released a week prior to the exploit, or in response to the exploit itself.

Still waiting on anyone from Red Hat/Fedora to report a CVE for the SELinux issue and tell their users how long they've been vulnerable to null ptr dereference kernel exploits because of it.

-Brad



Speaking with code

Posted Jul 25, 2009 12:40 UTC (Sat) by nix (subscriber, #2304)

I'm curious: since they've said they don't think it's a bug (more an
expected tradeoff: if you run SELinux without useful policy this is what
you get, and no, I don't agree with that either), why would *they* give it
a CVE?

Speaking with code

Posted Jul 25, 2009 12:53 UTC (Sat) by spender (subscriber, #23067)

Well, perhaps because they asked me to cancel the CVE request I put in (which I still haven't gotten a response from) so that they would submit their own:

Brad Spengler wrote:
>> Let me get back to you on this.
>
> I've contacted the relevant people to request a CVE for the issue, as
> the previous bypass of mmap_min_addr was given a CVE back in 2007; this
> should be no different.

Thanks Brad.

Can you cancel the request? I will assign one (faster), and provide you
with the proper credits in the errata.

-Brad

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds