Bug#308634: kernel-source-2.6.8: A locally exploitable flaw to gain root.
Package: kernel-source-2.6.8
Severity: grave
Justification: user security hole
A locally exploitable flaw has been found in the Linux ELF binary format
loader's core dump function that allows local users to gain root
privileges and also execute arbitrary code at kernel privilege level.
Version: 2.2 up to and including 2.2.27-rc2, 2.4 up to and including
2.4.31-pre1, 2.6 up to and including 2.6.12-rc4
Exploit, and futher information: http://www.isec.pl/vulnerabilities/isec-0023-coredump.txt
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.12-rc4-optimized
Locale: LANG=fi_FI@euro, LC_CTYPE=fi_FI@euro (charmap=ISO-8859-15)
Reply to: