Re: [SECURITY] [DSA 1378-1] New Linux 2.6.18 packages fix severalvulnerabilities
On Mon, Oct 01, 2007 at 07:54:09PM +0200, Ralf Hemmenst??dt wrote:
>
> As Tim Wickberg already mentioned last week the local root exploit
> due to CVE-2007-4573 still works for the updated Xen kernel
> packages.
>
> This is because of the fact xen does not use ia32entry.S but
> ia32entry-xen.S which is located in linux-2.6-xen-sparse.
>
> I have attached the patch to fix CVE-2007-4573 for Xen-x86_64
Thanks Ralf (and Tim) - I'll try to get a new update sent out this
afternoon.
--
dann frazier
Reply to: