[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: local root exploit in 2.4.29



Even if there aren't local users, if someone is able to exploit, i dunno, say a php script as the webserver then they could possibly root the box via this. Granted, we have deeper problems if that scenario is true, but this isn't something that should be put off in my opinion.

--
Mike



On Tue, 7 Jun 2005, Albert Bertram wrote:

At least it is for gpcc/sites or other people who have local users. I have a compilation of 2.4.31, however, the config doesn't incorporate all the changes discussed in our meeting a month ago.

From a previous e-mail the agreed changes were:
   b) new kernel 2.4.30, doesn't have driver/patch for sk98lin
       SATA options, SCSI
       system.map
       sysreq magic key
       pcnet32 ethernet support
       sk98lin from belkin
       security ramifications, kevin will tell us how aggressively to
deploy
       patches: NOTES, common tracking, belkin patches not in 2.4.30

Of this, I have
       pcnet32 ethernet support
       sk98lin from belkin

I'm not sure which options to turn on for the remaining settings, so if anyone has already made a config, or knows what I should turn on, please let me know.

Albert



On Tue, 7 Jun 2005, Michael C Garrison wrote:

Our current kernel has a local root exploit that was published May 11th.

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1263

The proof of concept will crash a machine:
http://www.isec.pl/vulnerabilities/isec-0023-coredump.txt

2.4.31 fixes this, which was released on 2005-06-01. I think that this should be a high priority update that we need to do ASAP.

--
Mike Garrison