[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#307900: kernel-image-2.6.8-2-386: This image, and maybe some others are easiably locally rootable. Exploit included.

reassign 307900 kernel-source-2.6.8
tag 307900 + pending
tag 307900 + security
thanks

On Fri, May 06, 2005 at 12:02:44PM +0300, Samuli Suominen wrote:
> Package: kernel-image-2.6.8-2-386
> Severity: critical
> Justification: breaks the whole system
> 
> 
> Proof of consept: http://www.frsirt.com/exploits/20050322.k-rad.c.php
> This would work on other NON-SMP kernels too. Makes kernel images
> unusable for multiuser system.

The fix for this is in SVN and will be made available in the next release.

-- 
Horms
Reply to: