[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: local root exploit in 2.4.29



At least it is for gpcc/sites or other people who have local users. I have a compilation of 2.4.31, however, the config doesn't incorporate all the changes discussed in our meeting a month ago.

From a previous e-mail the agreed changes were:
    b) new kernel 2.4.30, doesn't have driver/patch for sk98lin
        SATA options, SCSI
        system.map
        sysreq magic key
        pcnet32 ethernet support
        sk98lin from belkin
        security ramifications, kevin will tell us how aggressively to
deploy
        patches: NOTES, common tracking, belkin patches not in 2.4.30

Of this, I have
        pcnet32 ethernet support
        sk98lin from belkin

I'm not sure which options to turn on for the remaining settings, so if anyone has already made a config, or knows what I should turn on, please let me know.

Albert



On Tue, 7 Jun 2005, Michael C Garrison wrote:

Our current kernel has a local root exploit that was published May 11th.

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1263

The proof of concept will crash a machine:
http://www.isec.pl/vulnerabilities/isec-0023-coredump.txt

2.4.31 fixes this, which was released on 2005-06-01. I think that this should be a high priority update that we need to do ASAP.

--
Mike Garrison