forwarded 640650 http://bugzilla.openvz.org/show_bug.cgi?id=1982 thanks
For your information I have also forwarded this upstream. Best regards, // Ola On Tue, Sep 06, 2011 at 01:03:21PM -0400, Luke-Jr wrote: > On Tuesday, September 06, 2011 12:20:17 PM Ben Hutchings wrote: > > On Tue, Sep 06, 2011 at 11:06:24AM -0400, Luke-Jr wrote: > > > On Tuesday, September 06, 2011 9:41:05 AM Ben Hutchings wrote: > > > > I understand this and found a patch that should fix it. > > > > > > Is this a security vulnerability, or am I safe to assume my system was > > > not exploited at least through this issue? > > > > It appears to be a denial-of-service vulnerability. A container can > > trigger it by using most of its memory quota and then requesting a new > > pty. > > I am the only root on all the containers. > > > I don't believe it allows privilege escalation unless you reduce > > vm.mmap_min_addr (or unless a container can do that). > > Containers cannot. > > > > -- > To UNSUBSCRIBE, email to [email protected] > with a subject of "unsubscribe". Trouble? Contact [email protected] > Archive: http://lists.debian.org/[email protected] > > -- --------------------- Ola Lundqvist --------------------------- / [email protected] Annebergsslingan 37 \ | [email protected] 654 65 KARLSTAD | | http://inguza.com/ +46 (0)70-332 1551 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / --------------------------------------------------------------- -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]

