Re: [VULN 2/4] No read-only mappings

To: Sergey Bugaev <bugaevc@gmail.com>, bug-hurd@gnu.org
Cc: debian-hurd@lists.debian.org, ludo@gnu.org, guix-devel@gnu.org, samuel.thibault@gnu.org, jlledom@mailfence.com, jbranso@dismail.de, rbraun@sceen.net
Subject: Re: [VULN 2/4] No read-only mappings
From: Amos Jeffries <squid3@treenet.co.nz>
Date: Tue, 9 Nov 2021 09:38:02 +1300
Message-id: <[🔎] 875b34be-51c4-e8ea-3d26-296ea745ce2e@treenet.co.nz>
In-reply-to: <[🔎] 20211102163121.415934-3-bugaevc@gmail.com>
References: <[🔎] 20211102163121.415934-1-bugaevc@gmail.com> <[🔎] 20211102163121.415934-3-bugaevc@gmail.com>

On 3/11/21 05:31, Sergey Bugaev wrote:

Short description
=================

A single pager port is shared between anyone who mmaps a file, allowing anyone
to modify any files they can read. This can be trivially exploited to get full
root access to the system.


This has been assigned CVE-2021-43413


Amos

Reply to:

References:
- [VULN 0/4] Hurd vulnerability details
  - From: Sergey Bugaev <bugaevc@gmail.com>
- [VULN 2/4] No read-only mappings
  - From: Sergey Bugaev <bugaevc@gmail.com>

Prev by Date: Re: [VULN 1/4] Fake notifications
Next by Date: Re: [VULN 3/4] setuid exec race
Previous by thread: [VULN 2/4] No read-only mappings
Next by thread: [VULN 4/4] Process auth man-in-the-middle
Index(es):
- Date
- Thread