Re: CVE-2022-22942: Linux kernel: wrong file descriptor handling in the vmwgfx driver

Related Vulnerabilities: CVE-2022-22942

Good Morning!

On 27.01.22 at 23:20, Mathias Krause wrote:

It's now also part of the following kernels:
v4.14.264: commit e8d092a62449
v4.19.227: commit 0008a0c78fc3
v5.4.175: commit 84b1259fe36a
v5.10.95: commit 77656fde3c01
v5.15.18: commit 6066977961fc
v5.16.4: commit 1d833b27fb70

Attached is the exploit, as demanded by the linux-distros mailing list
policy.

We did not intend to be providing this exploit, especially not within 7
days of disclosure, however when reporting this issue privately to
linux-distros and asked to provide the exploit I developed, I did not
realize that the mailing list rules
(https://oss-security.openwall.org/wiki/mailing-lists/distros) require
the public posting of the exploit no later than I am providing it now.
While the requirement does serve the useful purpose of ensuring the
private list doesn't become a stockpile of private exploits, we
encourage others to please read the rules of the list fully before
submitting and consider sharing exploits with individual members rather
than to the list as a whole so as to avoid being forced to publish an
exploit that in some instances may do more harm than good.

Thanks,
Mathias