[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA-403-1] userland can access Linux kernel memory

I want to chime in here also, I too was unhappy that I did not know
about a local root exploit in 2.4.22 until the Debian machines were
compromised in this manner. I think a lot of people were in the same
boat (not to mention the debian folks). I watch kerneltrap, kernel
traffic, and slashdot fairly regularly for these purposes, and I did
not see anything of this sort come through, otherwise I would have
patched immediately (which is what I did last night when I received
the information).

Previous kernel security holes have been treated with a lot more
"transparancy" and communication than this one was, I am disappointed
that this one wasn't. I understand that the "transfer of the guard"
was going on between 2.4.22 and 2.4.23 to a new maintainer, which
might have caused this. This is not a Debian problem, IMHO, but a
kernel development issue, and I would like to know how I can be more
abreast of future security issues like this if Bugtraq (et. al), kerneltrap,
kerneltraffic, slashdot, etc. are not notified to flag this, and
kernel.org does not flag this on the website, are we to wait for some
high profile exploit to happen again before we are alerted to this

Unfortuantely, complaining about it here isn't going to help, but I
solicit other's comprehension of the matter to better identify the
best way to address this problem. Should something be sent to the
linux-kernel development list from "A group of concerned Debian users"
or should we individually troll the list complaining about this and
not doing anything? ;)


On Tue, 02 Dec 2003, Adam ENDRODI wrote:

> Just a humble question: how the average user who doesn't use the
> kernel sources provided by Debian and cannot follow lk should have
> known about the bug?  The changelog read ``Add TASK_SIZE check to
> do_brk()'', there's no indication that it's a security fix.
> I'm really curious how you cope with it.
> bit,
> adam
> -- 
> Am I a cleric?     | 1024D/37B8D989
> Or maybe a sinner? | 954B 998A E5F5 BA2A 3622
> Unbeliever?        | 82DD 54C2 843D 37B8 D989
> Renegade?          | http://www.keyserver.net
> -- 
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: