Folks -- I'm pretty sure I've found a remote-root hole in the default install of
Red Hat 8.0. I'm on x86, but I think it would be present on all archs.
Before I provide the details though (and fix the component ;), is the public
bugzilla the correct forum for this?
Version-Release number of selected component (if applicable):
to be filled out...
Steps to Reproduce:
1. to be filled out...
Thanks for taking the time to contact us.
I'm changing the component to "distribution" to more properly reflect the nature
of what you're reporting. I'll leave it to the component owner to determine how
best to proceed in this matter...
We'd prefer that for non-public issues you contact our security response team at
firstname.lastname@example.org who'll be able to work with you on the issue.
More contact details, GPG keys, and so on at
Issue is not a remote root but a DoS, and is fixed in Red Hat Linux 9 and above.
Being dealt with by email@example.com, closing bug.