| |||||||||||||
Kernel.org's road to recoveryKernel.org's road to recoveryPosted Oct 10, 2011 22:41 UTC (Mon) by malor (subscriber, #2973)In reply to: Kernel.org's road to recovery by vonbrand Parent article: Kernel.org's road to recovery Try the security alert from five days ago: From RedHat errata:
* Flaws in the AGPGART driver implementation when handling certain IOCTL commands could allow a local user to cause a denial of service or escalate their privileges. (CVE-2011-1745, CVE-2011-2022, Important) Bunch of other stuff too, but there's two likely local root exploits from October 5. Took me about ten minutes to spot, and that's only because I had to look through some lesser CVEs LWN posted about twenty minutes ago. It would have proved the point even more thoroughly to have gotten a local root exploit today, but five days ago, I think, is adequate.
(Log in to post comments)
Kernel.org's road to recovery Posted Oct 11, 2011 0:09 UTC (Tue) by vonbrand (subscriber, #4458) [Link] And? How do you know whoever patched the bug knew the CVEs beforehand? This is a RHEL kernel, i.e., a stable kernel (+ patches), so this came probably via the stable patch stream.
Kernel.org's road to recovery Posted Oct 11, 2011 0:24 UTC (Tue) by malor (subscriber, #2973) [Link]
Ok, I'm done talking to you. You just keep moving the goalposts around, anything to not be wrong.
|
|||||||||||||