Re: [kernel-hardening] 2015 kernel CVEs

From: One Thousand Gnomes
Date: Wed Jan 20 2016 - 16:27:08 EST

> I know of at least two projects that enter user namespaces without the
> necessary care, one of them is LXC.
> > There is room for improvement in this area but I don't see how this
> > qualifies as a CVE.
> I think I agree with that.

If there are projects that screw it up then there should be a CVE - it
just needs someone to update the CVE to indicate where the actual flaw is.