Bug#464945: linux-image-2.6.18-6-686: Exploit for vmsplice work for linux-image-2.18-5-686 (CVE-2008-0009/10)

To: "Bastian Blank" <waldi@debian.org>
Cc: 464945@bugs.debian.org
Subject: Bug#464945: linux-image-2.6.18-6-686: Exploit for vmsplice work for linux-image-2.18-5-686 (CVE-2008-0009/10)
From: "Vitaliy Okulov" <vitaliy.okulov@gmail.com>
Date: Mon, 11 Feb 2008 12:43:12 +0300
Message-id: <[🔎] b37fe17d0802110143t3a38e56eq6031a5303dcb16ff@mail.gmail.com>
Reply-to: "Vitaliy Okulov" <vitaliy.okulov@gmail.com>, 464945@bugs.debian.org
In-reply-to: <[🔎] 20080210120033.GB18264@wavehammer.waldi.eu.org>
References: <[🔎] 20080210001920.12161.51480.reportbug@doktor> <[🔎] 20080210120033.GB18264@wavehammer.waldi.eu.org>

Ok, patch work for me.

2008/2/10, Bastian Blank <waldi@debian.org>:

tags 464945 patch

On Sun, Feb 10, 2008 at 03:19:20AM +0300, Okulov Vitaliy wrote:
> Just try explot from http://www.milw0rm.com/exploits/5092 at my
> linux-image-2.6.18-5-686 kernel. And it works. Please backport patch
> from 2.6.24.1 kernel (CVE-2008-0009/10).

Preliminary patch, it includes more checks then the update in 2.6.24.1.

It at least fixes the exploit.

Bastian

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iEYEARECAAYFAkeu52EACgkQnw66O/MvCNEfrQCfbFbdVcfe4VblSOxNOLiY9d9F
GQoAoJCiusdKbBIaZOIUX5YwugsgNRwk
=VaLS
-----END PGP SIGNATURE-----

Reply to:

References:
- Bug#464945: linux-image-2.6.18-6-686: Exploit for vmsplice work for linux-image-2.18-5-686 (CVE-2008-0009/10)
  - From: Okulov Vitaliy <vitaliy.okulov@gmail.com>
- Bug#464945: linux-image-2.6.18-6-686: Exploit for vmsplice work for linux-image-2.18-5-686 (CVE-2008-0009/10)
  - From: Bastian Blank <waldi@debian.org>

Prev by Date: Bug#464953: exploit hung my machine
Next by Date: Bug#464953: seems to be fixed
Previous by thread: Re: Bug#464945: linux-image-2.6.18-6-686: Exploit for vmsplice work for linux-image-2.18-5-686 (CVE-2008-0009/10)
Next by thread: Bug#464945: linux-image-2.6.18-6-686: Exploit for vmsplice work for linux-image-2.18-5-686 (CVE-2008-0009/10)
Index(es):
- Date
- Thread