Re: Wheezy is vulnerable to CVE-2013-2094

To: debian-security@lists.debian.org
Subject: Re: Wheezy is vulnerable to CVE-2013-2094
From: Riku Valli <riku.valli@vallit.fi>
Date: Wed, 15 May 2013 17:02:48 +0300
Message-id: <[🔎] 51939588.9090006@vallit.fi>
In-reply-to: <[🔎] CAAH150Yd+zDT2exEfOvQebfg_tzX3Tad-2EqjvnWeW=_9zTPuw@mail.gmail.com>
References: <[🔎] CAHRhq0oKnfOieZCC1BwrX1o3YEzR-D0aGCZ4mq0WQPiUzJw2XA@mail.gmail.com> <[🔎] CAN=HbLKvPKCop39STjdivBFGCaymjzmmH1FvfU=qNMitrNYJ=w@mail.gmail.com> <[🔎] 87y5bhjw74.fsf@zoth-ommog.unzane.com> <[🔎] CAN=HbLJp+NgqX4D6MjeEppoEh_f7zW8EfqVpmU1SC+icHG953Q@mail.gmail.com> <[🔎] 519307DE.9050300@mail.ru> <[🔎] CAAH150Yd+zDT2exEfOvQebfg_tzX3Tad-2EqjvnWeW=_9zTPuw@mail.gmail.com>

On 05/15/2013 01:50 PM, Kees de Jong wrote:
> Gavin, did you use the right exploit? The output looks like it's
> designed for a 2.6.37 kernel. I don't have a computer near me to check
> the exploit myself. Could you please verify you used the right exploit?
> Thanks!


Bug is in 2.6.37-3.8.8, fixed in 3.8.9 and kernel must be compiled with
PERF_EVENTS (default on most modern distros). Bug fixed in 3.8.10.

ref: https://news.ycombinator.com/item?id=5703758

Hope at this help

Regards, Riku

Reply to:

References:
- Wheezy is vulnerable to CVE-2013-2094
  - From: John Andreasson <andreassonjohn@gmail.com>
- Re: Wheezy is vulnerable to CVE-2013-2094
  - From: Gavin <netmatters@gmail.com>
- Re: Wheezy is vulnerable to CVE-2013-2094
  - From: Gerald Turner <gturner@unzane.com>
- Re: Wheezy is vulnerable to CVE-2013-2094
  - From: Gavin <netmatters@gmail.com>
- Re: Wheezy is vulnerable to CVE-2013-2094
  - From: nnex <nnex@mail.ru>
- Re: Wheezy is vulnerable to CVE-2013-2094
  - From: Kees de Jong <keesdejong@gmail.com>

Prev by Date: Re: Wheezy is vulnerable to CVE-2013-2094
Next by Date: Upcoming stable point release (7.1)
Previous by thread: Re: Wheezy is vulnerable to CVE-2013-2094
Next by thread: Re: Wheezy is vulnerable to CVE-2013-2094
Index(es):
- Date
- Thread