Message-ID: <1402904535.30096.12.camel@scapa> Date: 2014年6月16日 09:42:15 +0200 From: Yves-Alexis Perez <corsac@...ian.org> To: Ben Hutchings <ben@...adent.org.uk>, oss-sec <oss-security@...ts.openwall.com> Cc: team@...urity.debian.org, 751417@...s.debian.org Subject: Re: Bug#751417: linux-image-3.2.0-4-5kc-malta: no SIGKILL after prctl(PR_SET_SECCOMP, 1, ...) on MIPS On dim., 2014年06月15日 at 19:31 +0100, Ben Hutchings wrote: > Please can you assign a CVE ID to this bug? Hi Ben, we usually don't assign CVE from our pool for public issues, and I'm especially reluctant here as I don't know if someone else aware of this issue could have assign one. So I'm asking on oss-sec to assign one so it gets some publicity for security people and someone has a chance to yell if a CVE has already been assigned. oss-sec / MITRE: it seems that SECCOMP on MIPS doesn't behave properly (see [1] for all the details). I'm unsure when it started (I guess when seccomp was first added to MIPS, it seems at least 3.2 is affected), and it's fixed in 3.15 (with 137f7df8cead00688524c82360930845396b8a21). Can someone assign a CVE is this is indeed a new issue? Regards, [1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751417 -- Yves-Alexis Download attachment "signature.asc " of type "application/pgp-signature" (474 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.