On Tuesday, September 06, 2011 12:20:17 PM Ben Hutchings wrote: > On Tue, Sep 06, 2011 at 11:06:24AM -0400, Luke-Jr wrote: > > On Tuesday, September 06, 2011 9:41:05 AM Ben Hutchings wrote: > > > I understand this and found a patch that should fix it. > > > > Is this a security vulnerability, or am I safe to assume my system was > > not exploited at least through this issue? > > It appears to be a denial-of-service vulnerability. A container can > trigger it by using most of its memory quota and then requesting a new > pty.
I am the only root on all the containers. > I don't believe it allows privilege escalation unless you reduce > vm.mmap_min_addr (or unless a container can do that). Containers cannot. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
