Bug#640650: linux-image-2.6.32-5-openvz-amd64: kernel NULL pointer dereference
forwarded 640650 http://bugzilla.openvz.org/show_bug.cgi?id=1982
thanks
For your information I have also forwarded this upstream.
Best regards,
// Ola
On Tue, Sep 06, 2011 at 01:03:21PM -0400, Luke-Jr wrote:
> On Tuesday, September 06, 2011 12:20:17 PM Ben Hutchings wrote:
> > On Tue, Sep 06, 2011 at 11:06:24AM -0400, Luke-Jr wrote:
> > > On Tuesday, September 06, 2011 9:41:05 AM Ben Hutchings wrote:
> > > > I understand this and found a patch that should fix it.
> > >
> > > Is this a security vulnerability, or am I safe to assume my system was
> > > not exploited at least through this issue?
> >
> > It appears to be a denial-of-service vulnerability. A container can
> > trigger it by using most of its memory quota and then requesting a new
> > pty.
>
> I am the only root on all the containers.
>
> > I don't believe it allows privilege escalation unless you reduce
> > vm.mmap_min_addr (or unless a container can do that).
>
> Containers cannot.
>
>
>
> --
> To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: [🔎] 201109061303.31020.luke@dashjr.org">http://lists.debian.org/[🔎] 201109061303.31020.luke@dashjr.org
>
>
--
--------------------- Ola Lundqvist ---------------------------
/ opal@debian.org Annebergsslingan 37 \
| ola@inguza.com 654 65 KARLSTAD |
| http://inguza.com/ +46 (0)70-332 1551 |
\ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 /
---------------------------------------------------------------
Reply to: