oss-sec mailing list archives
Re: CVE-2022-1729: race condition in Linux perf subsystem leads to local privilege escalation
From: Norbert Slusarek <nslusarek () gmx net>
Date: Thu, 26 May 2022 18:44:38 +0200
What do you suggest we do regarding the LPE exploit you sent to linux-distros?
I saw your reveal of linux-distros from 2020 and the exchange didn't include any text nor attachments. In that case, the exploit should remain private to linux-distros accordingly.
What do you suggest we do with this policy aspect going forward, so that people do not get into a situation where they're required to do something they didn't want to subscribe to?
How is this policy aspect enforced in the first place? If it's not, I suggest you remove it entirely as there is no reason to have policies which cannot (and shouldn't) be enforced. Overall, as a researcher I would prefer having a way just to inform distros of a bug, *without* being subject to these requirements. Norbert
Current thread:
- CVE-2022-1729: race condition in Linux perf subsystem leads to local privilege escalation Norbert Slusarek (May 20)
- Re: CVE-2022-1729: race condition in Linux perf subsystem leads to local privilege escalation Solar Designer (May 21)
- Re: CVE-2022-1729: race condition in Linux perf subsystem leads to local privilege escalation Norbert Slusarek (May 24)
- Re: CVE-2022-1729: race condition in Linux perf subsystem leads to local privilege escalation Solar Designer (May 24)
- Re: CVE-2022-1729: race condition in Linux perf subsystem leads to local privilege escalation Norbert Slusarek (May 26)
- Re: CVE-2022-1729: race condition in Linux perf subsystem leads to local privilege escalation Jeremy Stanley (May 26)
- Re: CVE-2022-1729: race condition in Linux perf subsystem leads to local privilege escalation Solar Designer (May 26)
- Re: CVE-2022-1729: race condition in Linux perf subsystem leads to local privilege escalation Solar Designer (Jun 30)
- Re: CVE-2022-1729: race condition in Linux perf subsystem leads to local privilege escalation Norbert Slusarek (Jun 30)
- Re: CVE-2022-1729: race condition in Linux perf subsystem leads to local privilege escalation Norbert Slusarek (May 24)
- Re: CVE-2022-1729: race condition in Linux perf subsystem leads to local privilege escalation Solar Designer (May 21)
- Re: CVE-2022-1729: race condition in Linux perf subsystem leads to local privilege escalation Philip Pettersson (May 26)
- Re: CVE-2022-1729: race condition in Linux perf subsystem leads to local privilege escalation Mike O'Connor (May 27)
- Re: CVE-2022-1729: race condition in Linux perf subsystem leads to local privilege escalation Solar Designer (May 28)