Re: another kernel vulnerability

To: debian-security@lists.debian.org
Subject: Re: another kernel vulnerability
From: Andreas Barth <aba@not.so.argh.org>
Date: Mon, 5 Jan 2004 20:18:41 +0100
Message-id: <[🔎] 20040105191841.GC23081@mails.so.argh.org>
Mail-followup-to: Andreas Barth <aba@not.so.argh.org>, debian-security@lists.debian.org
In-reply-to: <[🔎] 20040105145015.GB27460@northernsecurity.net>
References: <[🔎] 20040105145015.GB27460@northernsecurity.net>

* Thomas Sjögren (thomas@northernsecurity.net) [040105 16:10]:
> If you haven't heard it already:
> Synopsis:  Linux kernel do_mremap local privilege escalation
> vulnerability
> Product:   Linux kernel
> Version:   2.2, 2.4 and 2.6 series
> http://isec.pl/vulnerabilities/isec-0013-mremap.txt
> 
> Patch:
> http://linux.bkbits.net:8080/linux-2.4/patch@1.1136.92.4

There's one other security problems open in 2.4.* (<24), see
http://linux.bkbits.net:8080/linux-2.4/patch@1.1136.92.1
http://linux.bkbits.net:8080/linux-2.4/patch@1.1136.92.2 (second is
fix for the first fix).


Cheers,
Andi
-- 
   http://home.arcor.de/andreas-barth/
   PGP 1024/89FB5CE5  DC F1 85 6D A6 45 9C 0F  3B BE F1 D0 C5 D1 D9 0C

Reply to:

References:
- another kernel vulnerability
  - From: Thomas Sjögren <thomas@northernsecurity.net>

Prev by Date: Re: 2.4.18-bf2.4 version confusion, patches?
Next by Date: Re: [SECURITY] [DSA 411-1] New mpg321 packages fix format string vulnerability - PGP key?
Previous by thread: Re: another kernel vulnerability
Next by thread: Re: [SECURITY] [DSA 407-1] New ethereal packages fix several vulnerabilities
Index(es):
- Date
- Thread