
SANS ISC: InfoSec Handlers Diary Blog - Linux Kernel Vulnerability ... and prior


Linux Kernel Vulnerability ... and prior

Published: 2008-02-11
Last Updated: 2008-02-11 21:05:49 UTC
by Mari Nichols (Version: 3)

From the “batten the hatches department” (borrowed from Slashdot), it seems like we have been doing a lot of battening lately and will do even more in the next… um, week or so? Here is one for the Linux people on pre-patch Tuesday, oh my…

One of our readers, Chris, said, “ apparently affecting RHEL5 and OpenSuSE 10.3 amongst other popular distributions, could be rather bad news.”

Gordon sent us this quote from Slashdot:  "This local root exploit (Debian, Ubuntu) seems to work everywhere I try it, as long as it's a Linux kernel version 2.6.17 to If you don't trust your users (which you shouldn't), better compile a new kernel without vmsplice."

Here is the Security Focus Data:

So get busy people… we will keep you updated!  Send any comments here.

Update 1:  James gave us the link for the latest stable version of Linux Kernel is

Update 2: RB wrote in and said, "Kernels using the grsecurity patches (e.g. Gentoo hardened-sources) that are appropriately configured are not vulnerable to this. According to the author, PAX_MEMORY_UDEREF is the critical component, among others. I've verified this on several 32 and 64-bit systems."


