Fedora Legacy Test Update Notification: Kernel
Dave Jones
davej at redhat.com
Sat Feb 21 18:44:26 UTC 2004
On Sat, Feb 21, 2004 at 12:55:06PM -0500, Charles R. Anderson wrote:
> > Paul Starzetz discovered a flaw in return value checking in mremap()
> > in the Linux kernel versions 2.4.24 and previous that may allow a local
> > attacker to gain root privileges. No exploit is currently available;
> > ...
>
> There is an Proof-of-concept exploit available:
>
> http://www.derkeiler.com/Mailing-Lists/Securiteam/2004-02/0052.html
that's "crash the box" exploit as opposed to "get local root", which
is what the 'no exploit' refers to in the original Red Hat advisory.
Dave
More information about the fedora-legacy-list
mailing list