|
Message-ID: <1402904535.30096.12.camel@scapa>
Date: Mon, 16 Jun 2014 09:42:15 +0200
From: Yves-Alexis Perez <corsac@...ian.org>
To: Ben Hutchings <ben@...adent.org.uk>, oss-sec
<oss-security@...ts.openwall.com>
Cc: team@...urity.debian.org, 751417@...s.debian.org
Subject: Re: Bug#751417: linux-image-3.2.0-4-5kc-malta: no SIGKILL after
prctl(PR_SET_SECCOMP, 1, ...) on MIPS
On dim., 2014-06-15 at 19:31 +0100, Ben Hutchings wrote:
> Please can you assign a CVE ID to this bug?
Hi Ben,
we usually don't assign CVE from our pool for public issues, and I'm
especially reluctant here as I don't know if someone else aware of this
issue could have assign one.
So I'm asking on oss-sec to assign one so it gets some publicity for
security people and someone has a chance to yell if a CVE has already
been assigned.
oss-sec / MITRE: it seems that SECCOMP on MIPS doesn't behave properly
(see [1] for all the details). I'm unsure when it started (I guess when
seccomp was first added to MIPS, it seems at least 3.2 is affected), and
it's fixed in 3.15 (with 137f7df8cead00688524c82360930845396b8a21).
Can someone assign a CVE is this is indeed a new issue?
Regards,
[1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751417
--
Yves-Alexis
Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.