[Secure-testing-team] Re: [Secure-testing-commits] r5099 - data/CVE
Florian Weimer
fw at deneb.enyo.de
Sun Dec 10 17:32:52 CET 2006
* Moritz Muehlenhoff:
> CVE-2006-6128 (The ReiserFS functionality in Linux kernel 2.6.18, and possibly other ...)
> - - linux-2.6 <unfixed> (low)
> + - linux-2.6 <unfixed> (unimportant)
> + NOTE: Mounting filesystem partitions should be limited to root
But it's not in a default install, at least for VFAT USB sticks.
Perhaps these bugs are relevant after all.
We could declare that console users are trusted by definition, but
this is a bit excessive.
More information about the Secure-testing-team
mailing list