oss-security February 2011 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: Re: [oss-security] CVE request - kernel: s390 task

Re: [oss-security] CVE request - kernel: s390 task_show_regs infoleak

From: Josh Bressers <bressers_at_nospam>
Date: Wed Feb 16 2011 - 13:45:16 GMT
To: oss-security@lists.openwall.com

----- Original Message -----
> "task_show_regs used to be a debugging aid in the early bringup days of
> Linux on s390. /proc/<pid>/status is a world readable file, it is not a
> good idea to show the registers of a process. The only correct fix is to
> remove task_show_regs."
>
> http://git.kernel.org/linus/261cd298a8c363d7985e3482946edb4bfedacf98
> https://bugzilla.redhat.com/677850
>
> This does all the way back to 2.4.x.
>

Please use CVE-2011-0710.

Thanks.

-- JB