** Description changed: - Description needed + While working on KernelThreadSanitizer (KTSAN), a data race detector for + kernels, Dmitry Vyukov found a data race that can trick the kernel into + using unitialized memory. - This can at least give access to arbitrary + SysV shared memory and Dmitry developed a proof of concept exploit for + this. (On many systems, this can be used to escalate privileges). - + While we didn't investigate this deeply, it is almost certain that this + vulnerability can be used to gain arbitrary code execution in the + kernel. Exercise left to the reader.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1502032 Title: CVE-2015-7613 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1502032/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
