kernel update highly recommended
Nathanael D. Noblet
nathanael at gnat.ca
Wed Dec 9 18:20:02 UTC 2009
On 12/09/2009 11:14 AM, Kyle McMartin wrote:
> Hi folks,
>
> I'd highly recommend if you're running 2.6.31 or 2.6.32, that you update
> to the latest kernel in the koji builds here:
>
> http://koji.fedoraproject.org/koji/taskinfo?taskID=1864871
> http://koji.fedoraproject.org/koji/taskinfo?taskID=1864876
>
> They fix a rather severe security problem with ext4 caused by
> insufficient permission checking by the ext4 ioctl code, allowing a
> malicious local user to corrupt files. Note, the ioctl isn't currently
> used by userspace, so if you build your own kernels, you can just nuke
> the entire EXT4_IOC_MOVE_EXT ioctl case.
>
> NOTE: This is only a problem if you're using EXT4, if you aren't, you're
> safe.
>
> I'll get these pushed out to stable asap, but I wanted to let folks know
> just in case rawhide doesn't compose before the downtime.
This a rawhide only issue or F12 as well?
More information about the fedora-devel-list
mailing list