[K12OSN] Major Kernel Vulnerability in FC6
k12ltsp
k12ltsp at hermon.net
Tue Feb 12 19:50:56 UTC 2008
Hi,
It's being reported over the news and online that a major kernel
vulnerability exists in many versions of linux, including FC6, that allows
any user to gain root access from their command line.
We have already had a student learn of this exploit and take down our
network. Unfortunately Redhat stopped updating FC6 as of december 7 and
have no plans to update it anymore. Fixes for the vulnerability are now
available for FC7 and FC8.
Does anyone know what the status is with K12LTSP moving to FC7 or higher?
Does anyone know of an RPM Kernel upgrade that is available for FC6 that
we can install to correct the issue?
This exposes a major vulnerability that any student can take advantage of
and gain root access.
Links:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
update
(Last update Dec 7.)
http://72.14.205.104/search?q=cache:VjjZyptn_DYJ:spevack.livejournal.com/33032.html+fc6+dec+7&hl=en&ct=clnk&cd=1&gl=us&client=firefox-a
(mentioning that Redhat no longer updates repo. since Dec 7)
http://secunia.com/advisories/28835/
(vulnerabiity)
More information about the K12OSN
mailing list