Re: [PATCH] 2.4.28 and 2.6.10 PATCH FOR uselib() exploit

To: debian-security@lists.debian.org
Subject: Re: [PATCH] 2.4.28 and 2.6.10 PATCH FOR uselib() exploit
From: TiM <tim@muppetz.com>
Date: Mon, 10 Jan 2005 09:23:36 +1300
Message-id: <[🔎] 41E192C8.5000707@muppetz.com>
In-reply-to: <[🔎] 20050109192820.GA12936@tofu.mamane.lu>
References: <[🔎] 20050108194042.GA1940@smtp.nuit.ca> <[🔎] 20050109192820.GA12936@tofu.mamane.lu>

http://www.grsecurity.net/linux-2.4.28-secfix-200501071141.patch is notment to be applied to a clean 2.4.28 kernel, it's ment to be appliedafter you apply the grsecurity patch.

"Description: Cumulative security patch against 2.4.28, apply afterapplying grsecurity" - from http://grsecurity.net/download.php

I'm not sure why this URL was posted as a fix to the problem. Yes, itdoes fix it, but only if you've also patched your kernel with grsecurity(a very good idea IMHO, but not really a fix for everyone)


Tim

Lionel Elie Mamane wrote:

On Sat, Jan 08, 2005 at 02:40:52PM -0500, Simon Raven / Eric S. Côté wrote:

2.4.28
http://www.grsecurity.net/linux-2.4.28-secfix-200501071141.patch



Is huge, touches many areas. Didn't apply cleanly to a pristine
2.4.28. The LKML gives

 http://linux.bkbits.net:8080/linux-2.4/patch@1.1551?nav=index.html|ChangeSet@-1d|cset@1.1551

and

 http://lethalman.iosn.it/patches/uselib-2.4.28.patch

And the Debian kernel SVN repo has a patch, too:

http://svn.debian.org/wsvn/kernel/trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/122_sec_brk-locked.diff?op=file&rev=0&sc=1

Reply to:

References:
- [PATCH] 2.4.28 and 2.6.10 PATCH FOR uselib() exploit
  - From: Simon Raven / Eric S. Côté <simon@nuit.ca>
- Re: [PATCH] 2.4.28 and 2.6.10 PATCH FOR uselib() exploit
  - From: Lionel Elie Mamane <lionel@mamane.lu>

Prev by Date: Re: [PATCH] 2.4.28 and 2.6.10 PATCH FOR uselib() exploit
Next by Date: UNSUBSCRIBE
Previous by thread: Re: [PATCH] 2.4.28 and 2.6.10 PATCH FOR uselib() exploit
Next by thread: CAN-2004-1056 status at kernel.org ?
Index(es):
- Date
- Thread