Re: Security holes in 2.4.25?
On Wed, Apr 14, 2004 at 04:16:28PM -0500, Micah Anderson wrote:
> With the rash of security gaffs in the kernel related to mmap and
> mremap, does it make anyone else nervous to see the following in the
> changelog for 2.4.26:
>
> o mremap NULL pointer dereference fix
>
> If this was a security concern, would it be noted in the changelog?
Not generally, no. The kernel maintainers are notorious for obscuring such
things.
> Additionally, the 2.4.25 kernel seems to have a local root exploit for
> CDROMs: http://lwn.net/Articles/80480/
See DSA-479.
--
- mdz
Reply to: