SF post - Linux kernel file offset pointer races
Simon Weller
simon at nzservers.com
Wed Aug 4 20:02:49 UTC 2004
I guess I owe Paul Starzetz an apology for slanting his good name :-(
Although it seems unfortunate that very few distributions are on top of this
issue.
regards,
Simon
On Wednesday 04 August 2004 02:44 pm, Ed Brown wrote:
> There are updates out already for RHEL2.1 and 3. Their security
> advisory added:
>
> "These packages contain a patch written by Al Viro to correct these
> flaws.
> Red Hat would like to thank iSEC Security Research for disclosing this
> issue and a number of vendor-sec participants for reviewing and working
> on the patch to this issue."
>
> -Ed
>
> On Wed, 2004-08-04 at 13:38, Simon Weller wrote:
> > Hi all,
> >
> > Paul Starzetz has just posted to SF with proof of concept for some
> > explotiable memory reads.
> >
> > <sarcasm on>
> > So nice of him to give everyone a little warning prior to releasing a
> > proof of concept.
> > </sarcasm off>
> >
> > He's suggesting that all 2.4 and all 2.6 kernels are vunerable, and just
> > to make our lives more enjoyable, there are currently no fixes out.
> >
> > regards,
> >
> > Simon
>
> --
> fedora-legacy-list mailing list
> fedora-legacy-list at redhat.com
> http://www.redhat.com/mailman/listinfo/fedora-legacy-list
--
Simon Weller LPIC-2, BCIP
Systems Engineer
NZServers LTD
http://www.nzservers.com/
U.S. Branch
<-
To mess up a Linux box, you need to work at it; to mess up your Windows box,
you just need to work on it.
- Scott Granneman, Security Focus
->
More information about the fedora-legacy-list
mailing list