@harrysintonen yesterday I read that one should not drop caches in a production system. I don’t know if that recommendation was just for performance or if all hell could break loose.
L
labanskoller@infosec.exchange
@labanskoller@infosec.exchange
Posts
-
Apparently there's yet another #LinuxKernel Local Privilege Escalation #vulnerability. -
Today I have spent way too much time handling the https://copy.fail situation #copyfail@alexanderkjall @jmm hmm…
> As such, the kernel security team strongly recommends that as a reporter of a potential security issue you DO NOT contact the “linux-distros” mailing list UNTIL a fix is accepted by the affected code’s maintainers and you have read the distros wiki page above and you fully understand the requirements that contacting “linux-distros” will impose on you and the kernel community.Well, if it’s too complicated to be a reporter, there is always fulldisclosure@seclists.org.
-
Today I have spent way too much time handling the https://copy.fail situation #copyfail@jmm @alexanderkjall I think I mixed it up with the Linux kernel security team. But shouldn’t *that* team notify the distros?
-
Today I have spent way too much time handling the https://copy.fail situation #copyfail@alexanderkjall I read that they had waited a month with distributing the PoC and that major distributions were prepared.