SF post - Linux kernel file offset pointer races
Ed Brown
ebrown at lanl.gov
Wed Aug 4 19:44:51 UTC 2004
There are updates out already for RHEL2.1 and 3. Their security
advisory added:
"These packages contain a patch written by Al Viro to correct these
flaws.
Red Hat would like to thank iSEC Security Research for disclosing this
issue and a number of vendor-sec participants for reviewing and working
on the patch to this issue."
-Ed
On Wed, 2004-08-04 at 13:38, Simon Weller wrote:
> Hi all,
>
> Paul Starzetz has just posted to SF with proof of concept for some explotiable
> memory reads.
>
> <sarcasm on>
> So nice of him to give everyone a little warning prior to releasing a proof of
> concept.
> </sarcasm off>
>
> He's suggesting that all 2.4 and all 2.6 kernels are vunerable, and just to
> make our lives more enjoyable, there are currently no fixes out.
>
> regards,
>
> Simon
More information about the fedora-legacy-list
mailing list