* luna is listening to this weeks podcast now | 08:11 | |
luis220413 | Please triage CVE-2022-28736 for all Ubuntu releases and set its priority to Low or Negligible, because an exploit requires either physical or root access. | 22:03 |
---|---|---|
ubottu | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28736> | 22:03 |
luis220413 | Please also provide a description in the CVE file. | 22:03 |
luis220413 | Please triage CVE-2022-28735 for all Ubuntu releases. This is a Secure Boot bypass. | 22:13 |
ubottu | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28735> | 22:13 |
luis220413 | Same for CVE-2022-28734 and CVE-2022-28733, but these are heap buffer overflows that can lead to arbitrary code execution, but these require GRUB to use networking. | 22:17 |
ubottu | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28734> | 22:17 |
ubottu | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28733> | 22:17 |
luis220413 | You can also triage the other CVEs for grub2: https://ubuntu.com/security/cves?q=&package=grub2&priority=&version=&status=needs-triage | 22:22 |
luis220413 | They can lead to arbitrary code execution with varying difficulty, according to the descriptions. | 22:23 |
luis220413 | *can all | 22:23 |
luis220413 | I will leave now but I will see your replies in the logs. | 22:24 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!