[kernel-sec-discuss] r2474 - dsa-texts
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Sep 2 17:27:30 UTC 2011
Author: jmm
Date: 2011-09-02 17:27:29 +0000 (Fri, 02 Sep 2011)
New Revision: 2474
Modified:
dsa-texts/2.6.32-35squeeze1
Log:
updates
Modified: dsa-texts/2.6.32-35squeeze1
===================================================================
--- dsa-texts/2.6.32-35squeeze1 2011-09-02 17:22:16 UTC (rev 2473)
+++ dsa-texts/2.6.32-35squeeze1 2011-09-02 17:27:29 UTC (rev 2474)
@@ -73,7 +73,11 @@
CVE-2011-2905
- foo
+ Christian Ohm discovered that the 'perf' analysis tool searches
+ for its config files in the current working directory. This could
+ lead to denial of service or potential privilege escalation if
+ a user with evelated privileges is tricked into running 'perf'
+ in a directory under the control of the attacker.
CVE-2011-2909
More information about the kernel-sec-discuss
mailing list