
Re: Kernel update status



Never mind. 2.6.32-23 is a good fix for CVE-2010-3301. I was reading my
screen incorrectly. I won't go into details, as they're too embarrassing
to mention. Thanks for testing.


-- 
Adam Carheden


Norbert Tretkowski wrote:
> On Tuesday, 21.09.2010, at 10:24 -0600, Adam Carheden wrote:
>> Has anyone with access to Mr. Gilber's compiled kernel had a chance to
>> test it? Did I bork `cd linux-2.6-2.6.32 && fakeroot debian/rules
>> binary` somehow or are we missing a patch?
> 
> The exploit doesn't work for me using linux-2.6 2.6.32-23~bpo50+1:
> 
> ntretkow@hostname:~$ id
> uid=1000(ntretkow) gid=1000(ntretkow) groups=1000(ntretkow)
> 
> ntretkow@hostname:~$ cat /proc/version 
> Linux version 2.6.32-bpo.5-amd64 (Debian 2.6.32-23~bpo50+1) (norbert@tretkowski.de) (gcc version 4.3.2 (Debian 4.3.2-1.1) ) #1 SMP Sat Sep 18 19:03:14 UTC 2010
> 
> ntretkow@hostname:~$ ./ex 
> resolved symbol commit_creds to 0xffffffff8106912d
> resolved symbol prepare_kernel_cred to 0xffffffff81069030
> mapping at 3f80000000
> UID 1000, EUID:1000 GID:1000, EGID:1000
> 
> sh-3.2$ id
> uid=1000(ntretkow) gid=1000(ntretkow) groups=1000(ntretkow)
> 
> 
> 	Norbert
> 
> 

