RE: Local Root Hole

To: "'Debian User'" <debian-user@lists.debian.org>
Subject: RE: Local Root Hole
From: "Jeremy Gaddis" <jeremy@gaddis.org>
Date: Fri, 21 Mar 2003 17:15:42 -0500
Message-id: <[🔎] 000a01c2eff7$69ff1300$0400a8c0@main.gaddis.org>
In-reply-to: <[🔎] 024f01c2efeb$75400c80$3718a8c0@kris>

> -----Original Message-----
> From: Kris [mailto:krisp1@mlode.com] 
> Sent: Friday, March 21, 2003 3:50 PM
> To: Debian List
> Subject: Local Root Hole
> 
> xepsilon writes "A local Linux security hole using ptrace has been
> discovered that allows a potential attacker to gain root 
> privileges. Linux
> 2.2.25 has been released to correct this security hole, along 
> with a patch
> for 2.4.20-pre kernels. 2.4.21 ought to contain this fix, once it is
> released. 2.5 is not believed to be vulnerable to this 
> security hole. See
> this email from Alan Cox for details, and a patch."
> 
> I am using debian kernel 2.4.18-586
> Does this apply to me.  If so I am a newbie and don't know 
> exactly how to
> find the patch or even implement it.  Please advise.  Kris

Yes, this affects your kernel, assuming it is the stock Debian
kernel.  You can either download the kernel sources, patch it,
and compile a new kernel yourself, or wait for the Debian team
to release an updated kernel (if they haven't already).

j.

--
Jeremy L. Gaddis   <jeremy@gaddis.org>   <http://www.gaddis.org>

Reply to:

References:
- Local Root Hole
  - From: "Kris" <krisp1@mlode.com>

Prev by Date: [SOLVED]RE: Mounting 250mb Zip Drive (Internel)
Next by Date: Re: Disable mozilla plugins selectively
Previous by thread: Local Root Hole
Next by thread: Re: Local Root Hole
Index(es):
- Date
- Thread