FS#20876 - [kernel26] security alert x86_64 Ac1db1tch3z exploit
Attached to Project:
Arch Linux
Opened by Ike Devolder (BlackEagle) - Friday, 17 September 2010, 16:39 GMT
Last edited by Pierre Schmitz (Pierre) - Friday, 17 September 2010, 18:11 GMT
Opened by Ike Devolder (BlackEagle) - Friday, 17 September 2010, 16:39 GMT
Last edited by Pierre Schmitz (Pierre) - Friday, 17 September 2010, 18:11 GMT
|
Details
Description:
http://sota.gen.nz/compat2/ http://www.h-online.com/security/news/item/Hole-in-Linux-kernel-provides-root-rights-1081317.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3081 http://seclists.org/fulldisclosure/2010/Sep/273 in short :: root access can be gained thru 32bit compatibility Additional info: * package version(s) * config and/or log files etc. Steps to reproduce: use the exploit from one of the links: http://sota.gen.nz/compat2/robert_you_suck.c attached the commit in the kernel tree, you need to remove the tile stuff, in the attached one its already done. http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git&a=commitdiff&h=c41d68a513c71e35a14f66d71782d27a79a81ea6 |
This task depends upon
Closed by Pierre Schmitz (Pierre)
Friday, 17 September 2010, 18:11 GMT
Reason for closing: Fixed
Additional comments about closing: already in [testing]
Friday, 17 September 2010, 18:11 GMT
Reason for closing: Fixed
Additional comments about closing: already in [testing]
Comment by Ionut Biru (wonder) -
Friday, 17 September 2010, 16:51 GMT
Comment by
Ike Devolder (BlackEagle) - Friday,
17 September 2010, 17:23 GMT
http://mailman.archlinux.org/pipermail/arch-dev-public/2010-September/017953.html
ok sorry didnt read the mailinglist