Bug#601747: RDS protocol vulnerability
tag 601747 + moreinfo
On Fri, 2010-10-29 at 18:07 +0900, Hideki Yamane wrote:
> Package: linux-2.6
> Version: 2.6.32-26
> You know, RDS protocol vulnerability was found in Linux kernel.
> US-Cert says (http://www.kb.cert.org/vuls/id/362983)
> > The RDS protocol implementation of Linux kernels 2.6.30 through
> > 2.6.38-rc8 contain a local privilege escalation vulnerability.
Are you actually experiencing this in 2.6.32-26, or just assuming it's
affected because the US-CERT page says it is?
-26 is the upload which is intended *to fix* this issue; see the
changelog and http://security-tracker.debian.org/tracker/CVE-2010-3904