[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: howcome there's no DSA for the latest Linux ptrace hole?



On Thu, Mar 20, 2003 at 05:29:56PM -0800, Jon wrote:
> On Thu, 2003-03-20 at 14:50, Tom Goulet (UID0) wrote:
> 
> > Are the Debian kernels vulnerable to this hole?
> > 
> 
> This post to BugTraq by Andrzej Szombierski (who found the problem)
> includes a sample exploit for x86.  You can use it to see if you are
> vulnerable. 

Isn't it the same bug for which Alan Cox (IIRC) provided a patch
recently (which was applied to kernel-source-2.4.20 version
2.4.20-3woody.2)?

http://lists.debian.org/debian-changes/2003/debian-changes-200303/msg00021.html

The exploit linked to from the mentioned post doesn't give me root on a
box with this kernel...

Marcin
-- 
Marcin Owsiany <porridge@debian.org>             http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216  FE67 DA2D 0ACA FC5E 3F75  D6F6 3A0D 8AA0 60F4 1216



Reply to: