[K12OSN] Linux kernel DoS exploit -- don't need root!

Eric Harrison eharrison at mail.mesd.k12.or.us
Mon Jun 14 20:23:15 UTC 2004

On Mon, 2004-06-14 at 12:48, Calvin Park wrote:
> Yeah, I'm none too pleased. Oh well, I suppose I'm off to recompile the
> kernel. 
> Eric, will the next version of K12 come "out of the box" with the patch?
> I know you might not have an answer for that right this second, or
> perhaps you've already answered it somewhere and I missed it. Thanks in
> advance.
> -Calvin

A patched kernel for FC2 was uploaded about 45mins ago. I don't have a
local copy yet. Presumably a FC1 version will be available shortly.

Apt/up2date/yum will pick up the patched kernel as soon as it is

As for the next builds of K12LTSP, yes I generally do include all of
the security patches. Kernels can be tricky, however, so I won't 100%
guarantee that this will be included. If you already have K12LTSP 
installed, you'll pick up the patched kernel via apt/up2date/yum and
thus don't have to worry too much about what patches are, or are not,
included in the next release of K12LTSP...


> On Mon, 2004-06-14 at 14:57, Terrell Prude' wrote:
> > Hello folks,
> > 
> > I don't have read-access to my K12OSN folder, as I am at work, so if 
> > this has already been announced, my apologies.
> > 
> > There is a newly-discovered bug in the Linux kernel versions 2.4 and 2.6 
> > (nearly every version on nearly every distro) that will lock a GNU/Linux 
> > box.  All you need is shell access; *you do not need root*.  That means 
> > that any rambunctious kid could lock your K12LTSP server(s)!
> > 
> > Yes, there is a patch.  I don't know if there's a Fedora-, WBEL-, or 
> > RHEL-specific update at this time.
> > 
> > Here's the link:
> > 
> > http://linuxreviews.org/news/2004-06-11_kernel_crash/index.html
> > 
> > --TP
> > 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/k12osn/attachments/20040614/11c12289/attachment.sig>

More information about the K12OSN mailing list