Bug#464945: linux-image-2.6.18-6-686: Exploit for vmsplice work for linux-image-2.18-5-686 (CVE-2008-0009/10)

To: 464945@bugs.debian.org
Cc: Okulov Vitaliy <vitaliy.okulov@gmail.com>
Subject: Bug#464945: linux-image-2.6.18-6-686: Exploit for vmsplice work for linux-image-2.18-5-686 (CVE-2008-0009/10)
From: Stefan Fritsch <sf@sfritsch.de>
Date: Sun, 10 Feb 2008 09:48:07 +0100
Message-id: <[🔎] 200802100948.13920.sf@sfritsch.de>
Reply-to: Stefan Fritsch <sf@sfritsch.de>, 464945@bugs.debian.org

> Just try explot from http://www.milw0rm.com/exploits/5092 at my
> linux-image-2.6.18-5-686 kernel. And it works. Please backport patch
> from 2.6.24.1 kernel (CVE-2008-0009/10).

2.6.24.1 does not fix the issue, see

http://marc.info/?l=linux-kernel&m=120262352612128&w=2

I have also verified that the lenny 2.6.22 kernel is vulnerable.

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to:

Prev by Date: Bug#465022: linux-image-2.6.24-1-xen-686: Does not work
Next by Date: Bug#464945: linux-image-2.6.18-6-686: Exploit for vmsplice work for linux-image-2.18-5-686 (CVE-2008-0009/10)
Previous by thread: Bug#464945: closed by Bastian Blank <waldi@debian.org> (Bug#464945: fixed in linux-2.6 2.6.24-4)
Next by thread: Bug#464945: linux-image-2.6.18-6-686: Exploit for vmsplice work for linux-image-2.18-5-686 (CVE-2008-0009/10)
Index(es):
- Date
- Thread