[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: local root exploit in 2.4.29



Ack. That was my mistake. I renamed the transcripts and rcs notes, but I neglected to rename the directory holding the files. I had originally named the kernel 1.3.1, but I realized that conflicted with our naming scheme, so I made it 1.4.0. It should be fixed now. The cache manager suffered equally, but also should be better now.

sixthday% lcksum -c sha1 -n kernel-1.4.0.T
kernel-1.4.0.T: verified
sixthday% lcksum -c sha1 -n openafs-1.2.13-cm-1.4.0.T
openafs-1.2.13-cm-1.4.0.T: verified

I'll see what I can do about a bootcd as well.

Albert


On Wed, 8 Jun 2005, Katarina Lukaszewicz wrote:


the shared/kernel-1.4.0 doesn't have any files under file/shared/kernel-1.4.0

sixthday-radmind:; ls file/shared/kern*
file/shared/kernel-1.3.0.T:
boot  lib

file/shared/kernel-1.3.1.T:
boot  lib
sixthday-radmind:; pwd
/var/radmind

Katarina Lukaszewicz
part of Blackops oncall and technical administrative support
for UMCE services

On Wed, 8 Jun 2005, Albert Bertram wrote:

I have a kernel and afs cache manager available for people to test or otherwise use. Relevant transcripts are:

shared/kernel-1.4.0.T
shared/openafs/openafs-1.2.13-cm-1.4.0.T

patches and the new config have been checked in to cvs on equilibrium.

Albert


On Tue, 7 Jun 2005, Michael C Garrison wrote:


Our current kernel has a local root exploit that was published May 11th.

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1263

The proof of concept will crash a machine:
http://www.isec.pl/vulnerabilities/isec-0023-coredump.txt

2.4.31 fixes this, which was released on 2005-06-01. I think that this should be a high priority update that we need to do ASAP.

--
Mike Garrison




!DSPAM:42a72df3224951568624796!