From owner-freebsd-security@freebsd.org  Fri Jul 28 13:04:07 2017
Return-Path: <owner-freebsd-security@freebsd.org>
Delivered-To: freebsd-security@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 56B35DC5BC8
 for <freebsd-security@mailman.ysv.freebsd.org>;
 Fri, 28 Jul 2017 13:04:07 +0000 (UTC)
 (envelope-from joey@joeykelly.net)
Received: from safegreet.com (safegreet.com [173.230.129.132])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 2CD63BE8
 for <freebsd-security@freebsd.org>; Fri, 28 Jul 2017 13:04:06 +0000 (UTC)
 (envelope-from joey@joeykelly.net)
Received: from localhost (localhost [127.0.0.1])
 by safegreet.com (Postfix) with ESMTP id 98DB94213
 for <freebsd-security@freebsd.org>; Fri, 28 Jul 2017 08:04:00 -0500 (CDT)
X-Virus-Scanned: amavisd-new at safegreet.com
Received: from safegreet.com ([127.0.0.1])
 by localhost (safegreet.com [127.0.0.1]) (amavisd-new, port 10024)
 with LMTP id YPDvYpiC3qmI for <freebsd-security@freebsd.org>;
 Fri, 28 Jul 2017 08:03:59 -0500 (CDT)
Received: by safegreet.com (Postfix, from userid 48)
 id E1AC94288; Fri, 28 Jul 2017 08:03:59 -0500 (CDT)
Received: from 64.88.172.228 (SquirrelMail authenticated user mmlj4)
 by safegreet.com with HTTP; Fri, 28 Jul 2017 08:03:59 -0500
Message-ID: <d8e4fd5a3475216b24a32e354dc3ce5a.squirrel@safegreet.com>
In-Reply-To: <26de0aed-8151-6105-188f-ad0c6c6cf8b8@erdgeist.org>
References: <26de0aed-8151-6105-188f-ad0c6c6cf8b8@erdgeist.org>
Date: Fri, 28 Jul 2017 08:03:59 -0500
Subject: Re: DefCon lecture BSD Kern Vulns
From: "Joey Kelly" <joey@joeykelly.net>
To: freebsd-security@freebsd.org
Cc: freebsd-security@freebsd.org
User-Agent: SquirrelMail/1.4.22-5.el6
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Jul 2017 13:04:07 -0000

I haven't read the paper yet, and I'm surely not up on things enough to
know what I'm looking at, but are these 0-days? If so, do they store them
up so they can present at defcon?

--Joey

> Out of curiosity:
>
> have those findings officially been reported? Is someone working on them?
>
> https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/DEFCON-25-Ilja-van-Sprundel-BSD-Kern-Vulns.pdf
>
> If not, shall I extract them?
>
> Maybe we should start an "audit a subsystem" week ;)
>
>   erdgeist
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to
> "freebsd-security-unsubscribe@freebsd.org"
>


-- 
Joey Kelly
Minister of the Gospel and Linux Consultant
http://joeykelly.net
504-239-6550