Re: [SECURITY] [DSA-403-1] userland can access Linux kernel memory

To: debian-security <debian-security@lists.debian.org>
Subject: Re: [SECURITY] [DSA-403-1] userland can access Linux kernel memory
From: Adam ENDRODI <borso@vekoll.saturnus.vein.hu>
Date: Tue, 2 Dec 2003 13:16:11 +0100
Message-id: <[🔎] 20031202121610.GA21144@ildicow.saturnus.vein.hu>
In-reply-to: <20031201201712.GA14687@wiggy.net>
References: <20031201201712.GA14687@wiggy.net>

Just a humble question: how the average user who doesn't use the
kernel sources provided by Debian and cannot follow lk should have
known about the bug?  The changelog read ``Add TASK_SIZE check to
do_brk()'', there's no indication that it's a security fix.

I'm really curious how you cope with it.

bit,
adam

-- 
Am I a cleric?     | 1024D/37B8D989
Or maybe a sinner? | 954B 998A E5F5 BA2A 3622
Unbeliever?        | 82DD 54C2 843D 37B8 D989
Renegade?          | http://www.keyserver.net

Reply to:

Follow-Ups:
- Re: [SECURITY] [DSA-403-1] userland can access Linux kernel memory
  - From: Micah Anderson <micah@riseup.net>
- Re: [SECURITY] [DSA-403-1] userland can access Linux kernel memory
  - From: Rick Moen <rick@linuxmafia.com>
- Re: [SECURITY] [DSA-403-1] userland can access Linux kernel memory
  - From: Florian Weimer <fw@deneb.enyo.de>

Prev by Date: Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
Next by Date: Re: LSM-based systems and debian packages
Previous by thread: Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
Next by thread: Re: [SECURITY] [DSA-403-1] userland can access Linux kernel memory
Index(es):
- Date
- Thread