Yup, waiting a day or two is no problem, we’re happy to wait until you guys
have a patch/errata ready :)
> On Aug 1, 2016, at 3:23 PM, Tim Newsham wrote:
>
> Yup. Thank you!
>
> On Mon, Aug 1, 2016 at 9:17 AM, Bob Beck wrote:
>
>> And just to confirm tim, we're sorting out the nature of a m
Yup. Thank you!
On Mon, Aug 1, 2016 at 9:17 AM, Bob Beck wrote:
> And just to confirm tim, we're sorting out the nature of a minimal patch
> for a possible errata, and we'll
> need to get the errata signed. I don't anticipate this will be more than a
> day or two if you can wait that long.
>
>
And just to confirm tim, we're sorting out the nature of a minimal patch
for a possible errata, and we'll
need to get the errata signed. I don't anticipate this will be more than a
day or two if you can wait that long.
On Mon, Aug 1, 2016 at 1:09 PM, Mark Kettenis
wrote:
> > From: Jesse Hertz
> From: Jesse Hertz
> Date: Mon, 1 Aug 2016 14:38:19 -0400
>
> Hi All,
>
> Is a fix for this in the works? We'd like to be able to point to a
> fix before posting to oss-sec :)
Hi Jesse,
The fix suggested in the analysis has been committed, and we have
committed two other fixes to prevent agai
Hi Tim,
Yes, a fix is being discussed ATM.. we'll let you know shortly I believe.
On Mon, Aug 1, 2016 at 12:38 PM, Jesse Hertz
wrote:
> Hi All,
>
> Is a fix for this in the works? We’d like to be able to point to a fix
> before posting to oss-sec :)
>
> Best,
> -jh
> > On Jul 28, 2016, at 8:58
Hi All,
Is a fix for this in the works? We’d like to be able to point to a fix before
posting to oss-sec :)
Best,
-jh
> On Jul 28, 2016, at 8:58 PM, Tim Newsham wrote:
>
> Hi, We just came across another issue that allows a user to crash the system
> through mmap. Despite trying, we didn't
Hi, We just came across another issue that allows a user to crash the system
through mmap. Despite trying, we didn't notice any more serious privilege
escalation opportunities.
/*
* mmap_dup_panic.c
*Demonstrate a panic through the mmap system call.
*
* gcc -g mmap_dup_panic.c -o mmap_