Bug#640650: linux-image-2.6.32-5-openvz-amd64: kernel NULL pointer dereference
On Tue, Sep 06, 2011 at 11:06:24AM -0400, Luke-Jr wrote:
> On Tuesday, September 06, 2011 9:41:05 AM Ben Hutchings wrote:
> > I understand this and found a patch that should fix it.
>
> Is this a security vulnerability, or am I safe to assume my system was not
> exploited at least through this issue?
It appears to be a denial-of-service vulnerability. A container can
trigger it by using most of its memory quota and then requesting a new
pty.
I don't believe it allows privilege escalation unless you reduce
vm.mmap_min_addr (or unless a container can do that).
Ben.
--
Ben Hutchings
We get into the habit of living before acquiring the habit of thinking.
- Albert Camus
Reply to: