Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: ddomoney on December 02, 2003, 05:32:32 AM

Title: Linux Kernel Vulnerability
Post by: ddomoney on December 02, 2003, 05:32:32 AM
OK gang - anybody looked at this yet?

http://www.eweek.com/article2/0,4149,1400446,00.asp

I am wondering if anyone has started to engineer a fix as yet for SME. Apparently
kernel versions 2.4.23 and above would be a good starting place.

Darrin

Title: Re: Linux Kernel Vulnerability
Post by: Charlie Brady on December 02, 2003, 06:45:55 AM
ddomoney wrote:

> I am wondering if anyone has started to engineer a fix as yet
> for SME.

I expect that RedHat has.

Note that this is reported to be a local root exploit. In other words you need local shell access to exploit it. Nobody has local shell access on an unmodified SME server except admin.

Now it is *just* possible that some legal remote access can cause a sequence of memory allocations which can trigger the bug, but I think that very unlikely.

Charlie

Title: Re: Linux Kernel Vulnerability
Post by: Charlie Brady on December 02, 2003, 06:58:02 AM
Charlie Brady wrote:

> I expect that RedHat has.

And I wasn't wrong:

...
Red Hat Security Advisory

Synopsis:          Updated 2.4 kernel fixes privilege escalation security vulnerability
Advisory ID:       RHSA-2003:392-00
...
1. Topic:

Updated kernel packages are now available that fix a security vulnerability
leading to a possible privilege escalation.
...