[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Kernel update status

On Fri, Sep 17, 2010 at 11:31:09PM +0200, Sylvain Beucler wrote:
> On Fri, Sep 17, 2010 at 11:08:39PM +0200, Norbert Tretkowski wrote:
> > Am Freitag, den 17.09.2010, 22:37 +0200 schrieb Sylvain Beucler:
> > > The 2.6.32 kernel in bpo is affected by CVE-2010-3301:
> > > http://sota.gen.nz/compat2/
> > > (with escalation to root privs)
> > > 
> > > I suppose that people are working on fixing this, for squeeze and then
> > > for bpo - is there a status / ETA?
> > 
> > The package for lenny-backports gets updated as soon as there is an
> > update for unstable available.
> Thanks.  I'm interested in an estimation of the time this will take,
> which will help me decide whether I should just work-around the
> problem (shutdown / disable 32-bit...) until the update, or if I
> should patch it myself, or look for some unofficial update.

  Note that in my own testing of the 'robert_you_suck.c' exploit I found
that disabling 32bit binaries IS NOT A VALID WORKAROUND.  The binfmt
magic did indeed stop 32bit binaries from running (just echo'ing their
name instead), but I could still run the robert_you_suck exploit and
get UID 0.
  I didn't check the ABftw.c exploit in this manner.

  I can, however, confirm that the following 3 cherry picked git commits
seem to prevent both exploits from working:


apply in that order.  If I was more familiar with git I could give you
git cherry-pick commands to pull them in, but I'm not, so ....
  Oh, one caveat.  If you grab a diff patch of those commits the first
will fail against due to the arch/tile/ bits not being present.
I assume the whole arch (or at least the affected file) was added in
2.6.36.git and ignored that hunk failure.

- Athanasius = Athanasius(at)miggy.org / http://www.miggy.org/
                  Finger athan(at)fysh.org for PGP key
	   "And it's me who is my enemy. Me who beats me up.
Me who makes the monsters. Me who strips my confidence." Paula Cole - ME

Attachment: signature.asc
Description: Digital signature

Reply to: