[kernel-sec-discuss] r3804 - active
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Jun 3 06:52:45 UTC 2015
Author: jmm
Date: 2015-06-03 06:52:44 +0000 (Wed, 03 Jun 2015)
New Revision: 3804
Modified:
active/CVE-2015-2925
Log:
add refs
Modified: active/CVE-2015-2925
===================================================================
--- active/CVE-2015-2925 2015-06-03 06:47:51 UTC (rev 3803)
+++ active/CVE-2015-2925 2015-06-03 06:52:44 UTC (rev 3804)
@@ -7,6 +7,12 @@
bwh> so I'm not clear exactly what goes wrong. However this appears
bwh> to be dependent on having CAP_SYS_ADMIN in a user namespace (to
bwh> change therefore not relevant to older kernel versions.
+ jmm> Split from CVE-2014-9717:
+ jmm> http://www.spinics.net/lists/linux-containers/msg30804.html (16/19)
+ jmm> http://www.spinics.net/lists/linux-containers/msg30798.html (17/19)
+ jmm> http://www.spinics.net/lists/linux-containers/msg30797.html (18/19)
+ jmm> http://www.spinics.net/lists/linux-containers/msg30802.html (19/19)
+ bwh> I think the last four are needed for CVE-2015-2925, not CVE-2014-9717
Bugs:
upstream: needed
2.6.32-upstream-stable: N/A "user namespaces known broken before 3.5"
More information about the kernel-sec-discuss
mailing list