[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: local root exploit in 2.4.29



I have a bootcd available, Katarina and Mike both have physical copies of it, but the iso file is located in /var/radmind/bootcd on sixthday. This required a generic kernel, so we now have a 2.4.31-generic available in the shared transcript directory if anyone is interested in using that.

Let me know if there's any problems using the cd, or if there's anything you'd like added to it.

Albert



On Wed, 8 Jun 2005, Albert Bertram wrote:

Ack. That was my mistake. I renamed the transcripts and rcs notes, but I neglected to rename the directory holding the files. I had originally named the kernel 1.3.1, but I realized that conflicted with our naming scheme, so I made it 1.4.0. It should be fixed now. The cache manager suffered equally, but also should be better now.

sixthday% lcksum -c sha1 -n kernel-1.4.0.T
kernel-1.4.0.T: verified
sixthday% lcksum -c sha1 -n openafs-1.2.13-cm-1.4.0.T
openafs-1.2.13-cm-1.4.0.T: verified

I'll see what I can do about a bootcd as well.

Albert


On Wed, 8 Jun 2005, Katarina Lukaszewicz wrote:


the shared/kernel-1.4.0 doesn't have any files under file/shared/kernel-1.4.0

sixthday-radmind:; ls file/shared/kern*
file/shared/kernel-1.3.0.T:
boot  lib

file/shared/kernel-1.3.1.T:
boot  lib
sixthday-radmind:; pwd
/var/radmind

Katarina Lukaszewicz
part of Blackops oncall and technical administrative support
for UMCE services

On Wed, 8 Jun 2005, Albert Bertram wrote:

I have a kernel and afs cache manager available for people to test or otherwise use. Relevant transcripts are:

shared/kernel-1.4.0.T
shared/openafs/openafs-1.2.13-cm-1.4.0.T

patches and the new config have been checked in to cvs on equilibrium.

Albert


On Tue, 7 Jun 2005, Michael C Garrison wrote:


Our current kernel has a local root exploit that was published May 11th.

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1263

The proof of concept will crash a machine:
http://www.isec.pl/vulnerabilities/isec-0023-coredump.txt

2.4.31 fixes this, which was released on 2005-06-01. I think that this should be a high priority update that we need to do ASAP.

--
Mike Garrison




!DSPAM:42a72df3224951568624796!