RE: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels

To: <debian-user@lists.debian.org>
Subject: RE: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels
From: "Jeremy Gaddis" <jeremy@gaddis.org>
Date: Mon, 31 Mar 2003 00:23:43 -0500
Message-id: <[🔎] 002101c2f745$b2b07cb0$0400a8c0@main.gaddis.org>
In-reply-to: <[🔎] 1048941521.1960.5.camel@vishnu>

> -----Original Message-----
> From: Shri Shrikumar [mailto:shri@urbyte.com] 
> Sent: Saturday, March 29, 2003 7:39 AM
> To: debian-user@lists.debian.org
> Subject: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels
> 
> Does that mean that a kernel that has module loading disabled is not
> vulnerable to this exploit ?

According to one of the original posts on this (from Alan maybe?
can't remember), there are three or four cases in which this wouldn't
be exploitable.  A kernel which doesn't use modules is one of those
cases.  The kernel on my firewall is monolithic and I was not
successfully when attempting to gain root access using exploits
already made public.

YMMV.

j.

--
Jeremy L. Gaddis   <jeremy@gaddis.org>   <http://www.gaddis.org>

Reply to:

References:
- Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels
  - From: Shri Shrikumar <shri@urbyte.com>

Prev by Date: Re: How do I "apt-get upgrade" the kernel for debian-390?
Next by Date: pkt_too_big
Previous by thread: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels
Next by thread: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels
Index(es):
- Date
- Thread