Bug#307900: kernel-image-2.6.8-2-386: This image, and maybe some others are easiably locally rootable. Exploit included.
reassign 307900 kernel-source-2.6.8
tag 307900 + pending
tag 307900 + security
thanks
On Fri, May 06, 2005 at 12:02:44PM +0300, Samuli Suominen wrote:
> Package: kernel-image-2.6.8-2-386
> Severity: critical
> Justification: breaks the whole system
>
>
> Proof of consept: http://www.frsirt.com/exploits/20050322.k-rad.c.php
> This would work on other NON-SMP kernels too. Makes kernel images
> unusable for multiuser system.
The fix for this is in SVN and will be made available in the next release.
--
Horms
Reply to: