Package: kernel-source-2.6.8 Version: 2.6.8 Severity: grave Tags: security Justification: user security hole
Paul Starzetz from iSec Security Research has discovered a local root exploit in the Linux kernel: > Locally exploitable flaws have been found in the Linux > binary format loaders' uselib() functions that allow local > users to gain root privileges. The full advisory text: http://isec.pl/vulnerabilities/isec-0021-uselib.txt I haven't found a patch for 2.6 yet, a patch for 2.4 is available in the 2.4 Bitkeeper branch. Cheers, Moritz -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.9-1-386 Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15) Versions of packages kernel-source-2.6.8 depends on: ii binutils 2.15-5 The GNU assembler, linker and bina ii bzip2 1.0.2-2 high-quality block-sorting file co ii coreutils [fileutils] 5.2.1-2 The GNU core utilities
