Re: Wheezy is vulnerable to CVE-2013-2094

To: John Andreasson <andreassonjohn@gmail.com>
Cc: debian-security@lists.debian.org
Subject: Re: Wheezy is vulnerable to CVE-2013-2094
From: dann frazier <dannf@dannf.org>
Date: Tue, 14 May 2013 11:29:05 -0600
Message-id: <[🔎] 20130514172905.GB6457@dannf.org>
In-reply-to: <[🔎] CAHRhq0oKnfOieZCC1BwrX1o3YEzR-D0aGCZ4mq0WQPiUzJw2XA@mail.gmail.com>
References: <[🔎] CAHRhq0oKnfOieZCC1BwrX1o3YEzR-D0aGCZ4mq0WQPiUzJw2XA@mail.gmail.com>

On Tue, May 14, 2013 at 09:36:12AM -0700, John Andreasson wrote:
> Hi.
> 
> Was just alerted of a kernel bug in RHEL [1], but when testing the sample
> code on Wheezy as an unprivileged user it successfully gives me a root
> prompt. Kind of suboptimal. :-(
> 
> Any idea when this is fixed?

We're investigating it now and will provide a fix ASAP.

      -dann

> [1] https://bugzilla.redhat.com/show_bug.cgi?id=962792

Reply to:

References:
- Wheezy is vulnerable to CVE-2013-2094
  - From: John Andreasson <andreassonjohn@gmail.com>

Prev by Date: Re: Wheezy is vulnerable to CVE-2013-2094
Next by Date: Re: Wheezy is vulnerable to CVE-2013-2094
Previous by thread: Re: Wheezy is vulnerable to CVE-2013-2094
Next by thread: Re: [SECURITY] [DSA 2668-1] linux-2.6 security update
Index(es):
- Date
- Thread