From mboxrd@z Thu Jan 1 00:00:00 1970 Reply-To: kernel-hardening@lists.openwall.com Date: Wed, 20 Jan 2016 12:19:58 +0100 From: Hanno =?UTF-8?B?QsO2Y2s=?= Message-ID: <20160120121958.4a392837@pc1> In-Reply-To: <20160119124917.6058019b@pc1> References: <20160119112812.GA10818@mwanda> <20160119124917.6058019b@pc1> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="=_zucker.schokokeks.org-23244-1453288759-0001-2" Subject: Re: [kernel-hardening] 2015 kernel CVEs To: kernel-hardening@lists.openwall.com List-ID: This is a MIME-formatted message. If you see this text it means that your E-mail software does not support MIME-formatted messages. --=_zucker.schokokeks.org-23244-1453288759-0001-2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On Tue, 19 Jan 2016 12:49:17 +0100 Hanno B=C3=B6ck wrote: > > There was only one that might have come from a USB fuzzer. > > We probably should be testing those things better. =20 >=20 > This is surprising to me. There was a talk at black hat amsterdam in > 2014 about a project trying to do exactly this. They sounded like they > have dozends of crashers that just need to be sorted and reported > upstream. Here's the code [2] and the talk [3]. https://packetstormsecurity.com/files/133892/RedHat-Enterprise-Linux-7.1-De= nial-Of-Service.html It seems they have started reporting issues and got limited replies. --=20 Hanno B=C3=B6ck http://hboeck.de/ mail/jabber: hanno@hboeck.de GPG: BBB51E42 --=_zucker.schokokeks.org-23244-1453288759-0001-2 Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCgAGBQJWn21eAAoJEKWIAHK7tR5Cv20QAJLiQSJAeYD/ovzatXHxFSNK a79LwJ41EyuwD5ctusTHytAJmxYeAru5wXC3TD3zD0Ua6BgRNa57ASwiL2EBiztU g49FHMCtDfhA66WKp5uWHNvY5vJ7nSma4TkxSBKJ09igq+hf16rk9ndOn+HYnmxc GDQnLrf+PFZokwxwl9zGOcyxLPmcAfuUav4NiMLaJZShqLZTymDjHBJNBKWnHWoD exjMh8XcPDIUzlhbkB2GDybsakZekBzb79k8kfAKebVwEAcSy6quZ/uQbzCnhyeb thn0QGGGcDQegN7xtpcFlZTk5mTpIo0QmRq7VdwbAX5lEq80LsrhQcWSn5Z0KYI7 ysW+MpmStbAfguxX2bZGOTPIA94dRjymXgLRZJBhJi9TIX3VAtzJ/JnSgD1aqzSD WEbxNI696RUpaXgB/WUvCXjf4Q1NhWvj5E2MQ4JgvCZDVVsTf/e+s8YFsdww6IPm HhNRaTGN0ZAdbmBejNfnTCGyQ8AkKSN5C2pwALxQMUC53ZLebosbQ7/MK4/jMPK+ exqZaqOqhtCaWepd3TfXP80a5X8+NnWP8js9HlyuH/rrLmsgEF47owS/F12zy7ID 5vLQL+KJvPJ1kWo8H9ok1lnjc02hAoukhM6qnD4A/BEKvMJLGYJy2w63+FuWjWhM G4TPB3r7g4bVHQFfy1MA =pyNY -----END PGP SIGNATURE----- --=_zucker.schokokeks.org-23244-1453288759-0001-2--