Hi all, Today a vulnerability that we reported to security@kernel was fixed:
https://github.com/torvalds/linux/commit/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a Brad Spengler then published a brief analysis: https://x.com/spendergrsec/status/2054974174926430322 >From Altan Baig in that thread we learned that in 2020 Jann Horn had already proposed a patch for this issue: https://lore.kernel.org/all/[email protected]/ https://lore.kernel.org/all/[email protected]/ Later today two exploits for this vulnerability were published by _SiCk: https://github.com/0xdeadbeefnetwork/ssh-keysign-pwn Today we also contacted the linux-distros@openwall, but since exploits are already public we were told to send this to oss-security@openwall instead, hence this post. We are not publishing our advisory yet, to give distributions and users a chance to patch. We are at your disposal for questions, comments, further discussions. Thank you very much! With best regards, -- the Qualys Security Advisory team
