Arch Linux

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#20876 - [kernel26] security alert x86_64 Ac1db1tch3z exploit

Attached to Project: Arch Linux
Opened by Ike Devolder (BlackEagle) - Friday, 17 September 2010, 16:39 GMT
Last edited by Pierre Schmitz (Pierre) - Friday, 17 September 2010, 18:11 GMT
Task Type Bug Report
Category Packages: Core
Status Closed
Assigned To No-one
Architecture x86_64
Severity Critical
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:

http://sota.gen.nz/compat2/
http://www.h-online.com/security/news/item/Hole-in-Linux-kernel-provides-root-rights-1081317.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3081
http://seclists.org/fulldisclosure/2010/Sep/273

in short :: root access can be gained thru 32bit compatibility

Additional info:
* package version(s)
* config and/or log files etc.


Steps to reproduce:

use the exploit from one of the links:
http://sota.gen.nz/compat2/robert_you_suck.c

attached the commit in the kernel tree, you need to remove the tile stuff, in the attached one its already done.
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git&a=commitdiff&h=c41d68a513c71e35a14f66d71782d27a79a81ea6
This task depends upon

Closed by  Pierre Schmitz (Pierre)
Friday, 17 September 2010, 18:11 GMT
Reason for closing:  Fixed
Additional comments about closing:  already in [testing]
Comment by Ionut Biru (wonder) - Friday, 17 September 2010, 16:51 GMT Comment by Ike Devolder (BlackEagle) - Friday, 17 September 2010, 17:23 GMT
ok sorry didnt read the mailinglist

Loading...